-------------------------------------------------------------------------- Debian Security Advisory DSA 366-1 security@debian.org http://www.debian.org/security/ Matt Zimmerman August 5th, 2003 http://www.debian.org/security/faq -------------------------------------------------------------------------- Package : eroaster Vulnerability : insecure temporary file Problem-Type : local Debian-specific: no CVE Id : CAN-2003-0656 eroaster, a frontend for burning CD-R media using cdrecord, does not take appropriate security precautions when creating a temporary file for use as a lockfile. This bug could potentially be exploited to overwrite arbitrary files with the privileges of the user running eroaster.
glsa sent