Ubuntu 12.04 LTS / 12.10 / 13.04 : txt2man vulnerability (USN-1979-1)
Low Nessus Plugin ID 70254
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionPatrick J Cherry discovered that txt2man contained leftover debugging code that incorrectly created a temporary file. A local attacker could possibly use this issue to overwrite arbitrary files. In the default Ubuntu installation, this should be prevented by the Yama link restrictions.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected txt2man package.