MDVSA-2008:214
- Package name
- mon
- Date
- 2008-10-16
- Advisory ID
- MDVSA-2008:214
- Affected versions
- CS3.0 i586 , CS3.0 x86_64
Problem description
Dmitry E. Oboukhov found that the test.alert script used in one of
the alert functions in mon created temporary files insecurely, which
could lead to a local denial of service or arbitrary file overwrite
via a symlink attack (CVE-2008-4477).
The updated packages have been patched to prevent this issue.
Updated packages
CS3.0 i586
876ccdda7a9bb7c15a748ddbd0c309d8 corporate/3.0/i586/mon-0.99.2-4.1.C30mdk.i586.rpm d08d7841919e4deaba2ac741ac7bce85 corporate/3.0/SRPMS/mon-0.99.2-4.1.C30mdk.src.rpm
CS3.0 x86_64
4e9cd4af947483a388c192b903fcac40 corporate/3.0/x86_64/mon-0.99.2-4.1.C30mdk.x86_64.rpm d08d7841919e4deaba2ac741ac7bce85 corporate/3.0/SRPMS/mon-0.99.2-4.1.C30mdk.src.rpm