I think this was discovered by Marcus Meissner from SUSE and wrongly attributed by Secunia. Insecure temporary file handling in cvsbug program. Full details in URL.
*** Bug 103303 has been marked as a duplicate of this bug. ***
cvs-utils please verify and bump as needed.
In cvs now.
Stable on ppc64.
Stable on x86.
sparc stable.
Stable on hppa
Stable on ppc.
Stable on the shiny alpha architecture :) Cheers, Ferdy
Stable on amd64 - sorry about the delay.
CAN-2005-2693 "It is possible that a malicious user could leverage this issue to execute arbitrary instructions as the user running cvsbug." Time to vote, I tend to vote yes (more impact than just overwriting a file with garbage, though cvsbug use is a little unlikely).
Vote NO, difficult to exploit. Impossible to predict when someone is going to run cvsbug, and even if you could social engineer a situation when you knew the precise time that someone was going to execute it and convince them that they had found a bug that needed to be reported, you still need to win a race condition.
I tend to vote NO.
Reversing YES to NO, and closing.
Stable on mips.