CVE-2009-1215 in Ubuntu

CVE-2009-1215

Priority

Low

Description

Race condition in GNU screen 4.0.3 allows local users to create or
overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange
temporary file.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1215

Bugs

https://bugs.edge.launchpad.net/ubuntu/+source/screen/+bug/315993

Package

Source: screen (LP Ubuntu Debian)

Upstream:	released (4.0.3-13)
Ubuntu 8.04 LTS (Hardy Heron):	ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):	not-affected
Ubuntu 11.04 (Natty Narwhal):	not-affected
Ubuntu 11.10 (Oneiric Ocelot):	not-affected

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2012-06-01 15:19:46 UTC (commit 5347)