what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2008-076

Mandriva Linux Security Advisory 2008-076
Posted Mar 26, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Two vulnerabilities were found in the Website META Language (WML) package that allowed local users to overwrite arbitrary files via symlink attacks.

tags | advisory, arbitrary, local, vulnerability
systems | linux, mandriva
advisories | CVE-2008-0665, CVE-2008-0666
SHA-256 | 642f93fb28c1a2234f77263f6160cec95cf0a8097345eac770f28404eaf2d0ff

Mandriva Linux Security Advisory 2008-076

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2008:076
http://www.mandriva.com/security/
_______________________________________________________________________

Package : wml
Date : March 26, 2008
Affected: 2007.1, 2008.0
_______________________________________________________________________

Problem Description:

Two vulnerabilities were found in the Website META Language (WML)
package that allowed local users to overwrite arbitrary files via
symlink attacks.

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0666
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.1:
5236531d6397a276dbbdc13b118605db 2007.1/i586/wml-2.0.11-1.1mdv2007.1.i586.rpm
aa1c8ddcebacd87ab711f45b29297aff 2007.1/SRPMS/wml-2.0.11-1.1mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
b6cca9238f4c53141f18fa72302fe8fe 2007.1/x86_64/wml-2.0.11-1.1mdv2007.1.x86_64.rpm
aa1c8ddcebacd87ab711f45b29297aff 2007.1/SRPMS/wml-2.0.11-1.1mdv2007.1.src.rpm

Mandriva Linux 2008.0:
e25d594701c56bd51c8e648ebeac206b 2008.0/i586/wml-2.0.11-1.1mdv2008.0.i586.rpm
c34710838783e2d725ecf5fc99d24091 2008.0/SRPMS/wml-2.0.11-1.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
1e57a84169d7168bae4aff8bdc38f02e 2008.0/x86_64/wml-2.0.11-1.1mdv2008.0.x86_64.rpm
c34710838783e2d725ecf5fc99d24091 2008.0/SRPMS/wml-2.0.11-1.1mdv2008.0.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iD8DBQFH6o0gmqjQ0CJFipgRArgjAJ4p41jCe2Y3Vk5VxS9wNoUXOs/LJgCffqoh
8TVcY+m67QHbXdSHB1nlh2Q=
=yda2
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    0 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close