• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

FreeBSD PortUpgrade Local Insecure Temporary File Handling Vulnerability

A local insecure file handling vulnerability affects FreeBSD portupgrade. This issue is due to a design error that causes the affected application to fail to securely handle temporary files.

An attacker may leverage this issue to corrupt arbitrary files and execute code with the privileges of a user that runs the vulnerable utility. It should be noted that this utility is commonly run with superuser privileges.