Local File Overwrite Vulnerability in GNU Troff by GNU
CVE-2009-5081

Currently unrated

Key Information:

Vendor

Gnu
Status
Groff
Vendor
CVE Published:
30 June 2011

What is CVE-2009-5081?

The GNU troff product, including versions up to 1.21, contains a vulnerability in the scripts config.guess, contrib/groffer/perl/groffer.pl, and contrib/groffer/perl/roff2.pl, using an inadequate number of X characters in the template argument for the tempfile function. This flaw can allow local users to overwrite arbitrary files through a symlink attack via a temporary file, thus posing a significant security risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://openwall.com/lists/oss-security/2009/08/14/4
mailing-listx_refsource_MLIST
http://openwall.com/lists/oss-security/2009/08/14/5
mailing-listx_refsource_MLIST
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/gr...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.