FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
0ac68e68-d32b-11dd-b540-d1288664c17e	ampache -- insecure temporary file usage Secunia reports: A security issue has been reported in Ampache, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the "gather-messages.sh" script handling temporary files in an insecure manner. This can be exploited via symlink attacks to overwrite arbitrary files with the privileges of the user running the script. Discovery 2008-12-24 Entry 2008-12-26 ampache < 3.4.3 30875 CVE-2008-3929 http://secunia.com/advisories/31657

VuXML ID

Description

0ac68e68-d32b-11dd-b540-d1288664c17e

ampache -- insecure temporary file usage

Secunia reports:

A security issue has been reported in Ampache, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The security issue is caused due to the "gather-messages.sh" script handling temporary files in an insecure manner. This can be exploited via symlink attacks to overwrite arbitrary files with the privileges of the user running the script.

Discovery 2008-12-24
Entry 2008-12-26
ampache

< 3.4.3

30875
CVE-2008-3929
http://secunia.com/advisories/31657