|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2005-2672: sensors: symlink attack possible over pwmconfig | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Thomas Biege <thomas> |
| Component: | Incidents | Assignee: | Dr. Werner Fink <werner> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P5 - None | CC: | security-team |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | All | ||
| URL: | http://www.ubuntulinux.org/support/documentation/usn/usn-172-1 | ||
| Whiteboard: | CVE-2005-2672: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N) | ||
| Found By: | Other | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: | fixed | ||
|
Description
Thomas Biege
2005-08-25 10:20:12 UTC
Args ... STABLE uses lm_sensors-2.9.1. Now ... is 2.9.1 secure? Accordingly to your links it is not ... but is this true? still vulberable. egrep -v '(INTERVAL|FCTEMPS|FCFANS|MAXTEMP|MINTEMP|MINSTART|MINSTOP)' $FCCONFIG >/tmp/fancontrol echo -e "INTERVAL=$INTERVAL\nFCTEMPS=$FCTEMPS\nFCFANS=$FCFANS\nMINTEMP=$MINTEMP\nMAXTEMP=$MAXTEMP\nMINSTART=$MINSTART\nMINSTOP=$MINSTOP" >>/tmp/fancontrol Created attachment 47528 [details]
fixed
see attachment Thanks! CVE-2005-2672: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N) |