Bug 64543 - (CVE-2003-0924) VUL-0: CVE-2003-0924: netpbm: insecure tmp file handling
(CVE-2003-0924)
VUL-0: CVE-2003-0924: netpbm: insecure tmp file handling
Status: RESOLVED DUPLICATE of bug 49036
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
All Linux
: P3 - Medium : Normal
: ---
Assigned To: Vladimir Nadvornik
Security Team bot
CVE-2003-0924: CVSS v2 Base Score: 3....
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-12-30 18:44 UTC by Thomas Biege
Modified: 2021-10-27 15:38 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Biege 2004-12-30 18:44:29 UTC
Hi, 
Connectiva released updates for an old bug. 
" 
DESCRIPTION 
 netpbm[1] are tools for manipulating graphic files in many formats. 
 
 Utilities provided by the netpbm package prior to the 9.25 version 
 contain defects[2] in temporary file handling. They create temporary 
 files with predictable names without checking if the target file 
 already exists. 
 
 
SOLUTION 
 It is recommended that all netpbm users upgrade their packages. 
 
 
 REFERENCES 
 1.http://netpbm.sourceforge.net/ 
 2.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0924 
" 
 
CVE-2003-0924 
 
 
I did not found a hint in bugzilla if we fixed it or not.
Comment 1 Thomas Biege 2004-12-30 18:44:30 UTC
<!-- SBZ_reproduce  -->
-
Comment 2 Vladimir Nadvornik 2005-01-03 20:07:26 UTC
We have it fixed. 

*** This bug has been marked as a duplicate of 49036 ***
Comment 3 Thomas Biege 2009-10-13 19:45:10 UTC
CVE-2003-0924: CVSS v2 Base Score: 3.7 (AV:L/AC:H/Au:N/C:P/I:P/A:P)