Network Security News – Friday, September 23, 2005 Events
OpenTTD network_client.c Format String
OpenTTD contains a flaw that may allow a malicious user to issue format commands to the network_client.c program. It is possible that the flaw may terminate the application (DoS) or execute commands, resulting in a loss of confidentiality, or availability.. Read more at osvdb.org/19622
OpenTTD network.c Format String
OpenTTD contains a flaw that may allow a malicious user to issue format commands to the network.c program. It is possible that the flaw may terminate the application (DoS) or execute commands, resulting in a loss of confidentiality, or availability.. Read more at osvdb.org/19620
OpenTTD console_cmds.c Format String
OpenTTD contains a flaw that may allow a malicious user to issue format commands to the console_cmds.c program. It is possible that the flaw may terminate the application (DoS) or execute commands, resulting in a loss of confidentiality, or availability.. Read more at osvdb.org/19623
Bacula /scripts/mtx-changer.in Insecure Temporary File Creation
Bacula contains a flaw that may allow a malicious local user to create or overwrite arbitrary files on the system. The issue is due to scripts/mtx-changer.in creating temporary files in /tmp insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.. Read more at osvdb.org/19514
Bacula /autoconf/randpass Insecure Temporary File Creation
Bacula contains a flaw that may allow a malicious local user to create or overwrite arbitrary files on the system. The issue is due to /autoconf/randpass creating temporary files in /tmp insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.. Read more at osvdb.org/19512
Leave a Reply