|Category:||FreeBSD Local Security Checks|
|Title:||FreeBSD Ports: portupgrade|
|Summary:||FreeBSD Ports: portupgrade|
|Description:||The remote host is missing an update to the system|
as announced in the referenced advisory.
The following package is affected: portupgrade
Multiple symlink vulnerabilities in portupgrade before 20041226_2 in
FreeBSD allow local users to (1) overwrite arbitrary files and
possibly replace packages to execute arbitrary code via pkg_fetch, (2)
overwrite arbitrary files via temporary files when portupgrade
upgrades a port or package, or (3) create arbitrary zero-byte files
via the pkgdb.fixme temporary file.
Update your system with the appropriate patches or
BugTraq ID: 13106|
Common Vulnerability Exposure (CVE) ID: CVE-2005-0610
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.