FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-0077

This CVE name corresponds to:

Entered Topic
2006-04-23 p5-DBI -- insecure temporary file creation vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2005-0077
Phase Assigned(20050114)

Description

The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.

References

Source Reference
DEBIAN DSA-658
FEDORA FLSA-2006:178989
GENTOO GLSA-200501-38
MANDRAKE MDKSA-2005:030
REDHAT RHSA-2005:072
BUGTRAQ 20050125 [USN-70-1] Perl DBI module vulnerability
BID 12360
OVAL oval:org.mitre.oval:def:10552
SECTRACK 1013007
SECUNIA 14015
SECUNIA 14050
XF dbi-library-file-overwrite(19068)