Local File Modification Vulnerability in a2ps by GNU
CVE-2001-1593
Currently unrated
Summary
The a2ps product, version 4.14 and earlier, has a vulnerability stemming from the tempname_ensure function in lib/routines.h. This vulnerability allows local users to exploit a symlink attack, potentially enabling them to modify arbitrary files through insecure handling of temporary files. This poses significant risks to system integrity, as unauthorized file changes can lead to data corruption or unintended behavior in applications. Proper security measures should be implemented to mitigate this risk.
References
Timeline
Vulnerability published
Vulnerability Reserved