On Fri, 28 Feb 2003 16:20:17 +0100 (CET) [EMAIL PROTECTED] (Martin Schulze) wrote:
> It has been discovered that adb2mhc from the mhc-utils package. The > default temporary directory uses a predictable name. This adds a > vulnerability that allows a local attacker to overwrite arbitrary > files the users has write permissions for. I was going to translate DSA-256, but the first sentence in the first paragraph seems to be missing an important part. Martin, do you remember what that sentence was meant to say? -- Regards, Kaare - <http://www.nightcall.dk/>
