• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Libdbi-perl Unspecified Insecure Temporary File Creation Vulnerability

The 'libdbi-perl' utility is affected by an unspecified insecure temporary file-creation vulnerability. This issue is likely due to a design error that causes the application to fail to verify the presence of a file before writing to it.

An attacker may leverage this issue to overwrite arbitrary files with the privileges of an unsuspecting user that activates the vulnerable application.

Debian has reported that this vulnerability affects libdbi-perl 1.21 running on Debian GNU/Linux 3.0 alias 'woody'. Other versions may be affected as well.