MDKSA-2003:083

Package name

eroaster

Date

2003-08-19

Advisory ID

MDKSA-2003:083

Affected versions

CS2.1 i586 , 9.1 i586 , 9.0 i586

Problem description

A vulnerability was discovered in eroaster where it does not take any security precautions when creating a temporary file for the lockfile. This vulnerability could be exploited to overwrite arbitrary files with the privileges of the user running eroaster.

Updated packages

CS2.1 i586

 381dd0ff7119ea907f3e7c91125ed3d4  corporate/2.1/RPMS/eroaster-2.1.0-6.1mdk.noarch.rpm
859fd6b2fe922be90f2594e4b7e0a8f5  corporate/2.1/SRPMS/eroaster-2.1.0-6.1mdk.src.rpm

9.1 i586

 24914649a0aefd1733b474e44509baf0  9.1/RPMS/eroaster-2.1.0-6.1mdk.noarch.rpm
859fd6b2fe922be90f2594e4b7e0a8f5  9.1/SRPMS/eroaster-2.1.0-6.1mdk.src.rpm

9.0 i586

 381dd0ff7119ea907f3e7c91125ed3d4  9.0/RPMS/eroaster-2.1.0-6.1mdk.noarch.rpm
859fd6b2fe922be90f2594e4b7e0a8f5  9.0/SRPMS/eroaster-2.1.0-6.1mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0656