Bug 63541 (CVE-2004-0996)

Summary: VUL-0: CVE-2004-0996: cscope: insecure tmp file handling
Product: [Novell Products] SUSE Security Incidents Reporter: Thomas Biege <thomas>
Component: IncidentsAssignee: Lukas Tinkl <ltinkl>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: CVE-2004-0996: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: patch.CAN-2004-0996.cscope

Description Thomas Biege 2004-11-25 19:57:24 UTC 
Hi Likas, 
please have a look at: 
http://lists.netsys.com/pipermail/full-disclosure/2004-November/029341.html 
 
CAN-2004-0996 
 
A fix in STABLE is sufficient. 
 
I'll attach the patch in a few minutes.
Comment 1 Thomas Biege 2004-11-25 19:57:24 UTC 
<!-- SBZ_reproduce  -->
-
Comment 2 Thomas Biege 2004-11-25 19:58:47 UTC 
Created attachment 26450 [details]
patch.CAN-2004-0996.cscope
Comment 3 Lukas Tinkl 2004-11-29 20:52:23 UTC 
Package submitted
Comment 4 Marcus Meissner 2004-11-30 00:50:20 UTC 
-vul-0: since only stable needs it.
Comment 5 Thomas Biege 2004-12-14 19:48:54 UTC 
ok it is in the stable package.. will set to FIXED
Comment 6 Thomas Biege 2009-10-13 20:00:38 UTC 
CVE-2004-0996: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)