blob: 8cd9f4dcb2a321d1bda261bf3a63b30d1f925a07 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200803-23">
<title>Website META Language: Insecure temporary file usage</title>
Multiple insecure temporary file vulnerabilities have been discovered in
the Website META Language.
<product type="ebuild">wml</product>
<announced>March 15, 2008</announced>
<revised>March 15, 2008: 01</revised>
<package name="dev-lang/wml" auto="yes" arch="*">
<unaffected range="ge">2.0.11-r3</unaffected>
<vulnerable range="lt">2.0.11-r3</vulnerable>
Website META Language is a free and extensible Webdesigner's off-line
HTML generation toolkit for Unix.
Temporary files are handled insecurely in the files
wml_backend/p1_ipp/ipp.src, wml_contrib/wmg.cgi, and
wml_backend/p3_eperl/eperl_sys.c, allowing users to overwrite or delete
arbitrary files with the privileges of the user running the program.
<impact type="normal">
Local users can exploit the insecure temporary file vulnerabilities via
symlink attacks to perform certain actions with escalated privileges.
Restrict access to the temporary directory to trusted users only.
All Website META Language users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=dev-lang/wml-2.0.11-r3&quot;</code>
<uri link="">CVE-2008-0665</uri>
<uri link="">CVE-2008-0666</uri>
<metadata tag="requester" timestamp="Tue, 11 Mar 2008 22:05:35 +0000">
<metadata tag="bugReady" timestamp="Tue, 11 Mar 2008 22:05:48 +0000">
<metadata tag="submitter" timestamp="Sat, 15 Mar 2008 20:18:51 +0000">