CVE-2006-0512

NameCVE-2006-0512
DescriptionPADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the temporary files, which are not properly created by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3) migrate_all_netinfo_online.sh, (4) migrate_all_netinfo_offline.sh, (5) migrate_all_nis_online.sh, (6) migrate_all_nis_offline.sh, (7) migrate_all_nisplus_online.sh, and (8) migrate_all_nisplus_offline.sh.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-1187-1
NVD severitylow (attack range: local)
Debian Bugs338920
Debian/oldstablenot vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
migrationtools (PTS)wheezy, squeeze, jessie, sid47-8fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
migrationtoolssource(unstable)46-2.1medium338920
migrationtoolssourcesarge46-1sarge1lowDSA-1187-1

Search for package or bug name: Reporting problems