Red Hat Bugzilla – Bug 433719
CVE-2008-0806 Wyrd uses insecure temporary file
Last modified: 2008-05-06 12:16:58 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-0806 to the following vulnerability:
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file.
wyrd-1.4.3b-1.fc8 has been submitted as an update for Fedora 8
wyrd-1.4.3b-1.fc7 has been submitted as an update for Fedora 7
wyrd-1.4.3b-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
wyrd-1.4.3b-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in: