CVE-2006-1695

Upstream information

CVE-2006-1695 at MITRE

Description

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-[PID].

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	1.2
Vector	AV:L/AC:H/Au:N/C:N/I:P/A:N
Access Vector	Local
Access Complexity	High
Authentication	None
Confidentiality Impact	None
Integrity Impact	Partial
Availability Impact	None

SUSE Bugzilla entry: 168728 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SR:2006:019, published Wed, 09 Aug 2006 15:00:00 +0000

CVE-2006-1695

Common Vulnerabilities and Exposures

Upstream information

Description

SUSE information

SUSE Linux Enterprise

SUSE Rancher

Solutions

Industries

Support

Services

Resources

Partners

Communities

About