SuSE9 Security Update : arc (YOU Patch Number 10496)
Low Nessus Plugin ID 41079
SynopsisThe remote SuSE 9 host is missing a security-related patch.
DescriptionThis updates fixes two bugs :
- Eric Romang discovered that the ARC archive program under Unix creates a temporary file with insecure permissions which may lead to an attacker stealing sensitive information. (CVE-2005-2945)
- Joey Schulze discovered that the temporary file was created in an insecure fashion as well, leaving it open to a classic symlink attack. (CVE-2005-2992)
SolutionApply YOU patch number 10496.