FreeBSD : acroread -- insecure temporary file creation (107692a1-ee6c-11d9-8310-0001020eed82)

This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Secunia Research reports :

Secunia has discovered a security issue in Adobe Reader for Linux,
which can be exploited by malicious, local users to gain knowledge of
sensitive information.

The problem is caused due to temporary files being created with
permissions based on a user's umask in the '/tmp' folder under certain
circumstances when documents are opened.

Successful exploitation allows an unprivileged user to read arbitrary
users' documents.

See also :

http://secunia.com/secunia_research/2005-6/advisory/
http://www.nessus.org/u?9234eca6

Solution :

Update the affected packages.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 18844 (freebsd_pkg_107692a1ee6c11d983100001020eed82.nasl)

Bugtraq ID:

CVE ID: CVE-2005-1841

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now