• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

LM_sensors PWMConfig Insecure Temporary File Creation Vulnerability

Solution:
Ubuntu has released security advisory USN-172-1 addressing this issue. Please see the referenced advisory for details on obtaining and applying the appropriate updates.

Mandriva has released advisory MDKSA-2005:149 and fixes to address this issue. Please see the referenced advisory for links to fixes.

Gentoo has released security advisory GLSA 200508-19 addressing this issue. Gentoo recommends all lm_sensors users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-apps/lm_sensors-2.9.1-r1"

Debian has released security advisory 814-1 and fixes to address this issue. Please see the referenced advisory for links to fixes.

Conectiva Linux has released security advisory CLSA-2005:1012 addressing this issue. Please see the referenced advisory for details on obtaining and applying the appropriate updates.

RedHat Fedora has released security advisories FEDORA-2005-1053 and FEDORA-2005-1054 addressing this issue for Fedora Core 3 and Core 4. Users are advised to see the referenced advisories for details on obtaining and applying the appropriate updates.

RedHat Linux has released security advisory RHSA-2005:825-13 addressing this issue for their Desktop and Enterprise editions. Please see the referenced Web advisory for further information.

--
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.


lm_sensors lm_sensors 2.8.4

• Mandriva liblm_sensors3-2.8.4-2.1.100mdk.i586.rpm
  Mandrakelinux 10.0
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-2.8.4-2.1.C30mdk.i586.rpm
  Corporate 3.0
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-devel-2.8.4-2.1.100mdk.i586.rpm
  Mandrakelinux 10.0
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-devel-2.8.4-2.1.C30mdk.i586.rpm
  Corporate 3.0
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-static-devel-2.8.4-2.1.100mdk.i586.rpm
  Mandrakelinux 10.0
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-static-devel-2.8.4-2.1.C30mdk.i586.rpm
  Corporate 3.0
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva lm_sensors-2.8.4-2.1.100mdk.amd64.rpm
  Mandrakelinux 10.0/AMD64
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva lm_sensors-2.8.4-2.1.100mdk.i586.rpm
  Mandrakelinux 10.0
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva lm_sensors-2.8.4-2.1.C30mdk.i586.rpm
  Corporate 3.0
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva lm_sensors-2.8.4-2.1.C30mdk.x86_64.rpm
  Corporate 3.0/X86_64
  http://www1.mandrivalinux.com/en/ftp.php3

lm_sensors lm_sensors 2.8.6

• Conectiva liblm_sensors3-2.8.6-61068U10_1cl.i386.rpm
  Conectiva 10
  ftp://atualizacoes.conectiva.com.br/10/RPMS/liblm_sensors3-2.8.6-61068 U10_1cl.i386.rpm


• Conectiva lm_sensors-2.8.6-61068U10_1cl.i386.rpm
  Conectiva 10
  ftp://atualizacoes.conectiva.com.br/10/RPMS/lm_sensors-2.8.6-61068U10_ 1cl.i386.rpm


• Conectiva lm_sensors-devel-2.8.6-61068U10_1cl.i386.rpm
  Conectiva 10
  ftp://atualizacoes.conectiva.com.br/10/RPMS/lm_sensors-devel-2.8.6-610 68U10_1cl.i386.rpm


• Conectiva lm_sensors-devel-static-2.8.6-61068U10_1cl.i386.rpm
  Conectiva 10
  ftp://atualizacoes.conectiva.com.br/10/RPMS/lm_sensors-devel-static-2. 8.6-61068U10_1cl.i386.rpm


• Conectiva lm_sensors-doc-2.8.6-61068U10_1cl.i386.rpm
  Conectiva 10
  ftp://atualizacoes.conectiva.com.br/10/RPMS/lm_sensors-doc-2.8.6-61068 U10_1cl.i386.rpm


• Conectiva lm_sensors-sensord-2.8.6-61068U10_1cl.i386.rpm
  Conectiva 10
  ftp://atualizacoes.conectiva.com.br/10/RPMS/lm_sensors-sensord-2.8.6-6 1068U10_1cl.i386.rpm


• Conectiva lm_sensors-tellerstats-2.8.6-61068U10_1cl.i386.rpm
  Conectiva 10
  ftp://atualizacoes.conectiva.com.br/10/RPMS/lm_sensors-tellerstats-2.8 .6-61068U10_1cl.i386.rpm

lm_sensors lm_sensors 2.8.7

• Mandriva liblm_sensors3-2.8.7-7.1.101mdk.i586.rpm
  Mandrakelinux 10.1
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-2.9.0-4.1.102mdk.i586.rpm
  Mandrakelinux 10.2
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-devel-2.8.7-7.1.101mdk.i586.rpm
  Mandrakelinux 10.1
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-devel-2.9.0-4.1.102mdk.i586.rpm
  Mandrakelinux 10.2
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-static-devel-2.8.7-7.1.101mdk.i586.rpm
  Mandrakelinux 10.1
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva lm_sensors-2.8.7-7.1.101mdk.i586.rpm
  Mandrakelinux 10.1
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva lm_sensors-2.8.7-7.1.101mdk.x86_64.rpm
  Mandrakelinux 10.1/X86_64
  http://www1.mandrivalinux.com/en/ftp.php3


• RedHat Fedora lm_sensors-2.8.7-2.FC3.1.i386.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• RedHat Fedora lm_sensors-2.8.7-2.FC3.1.x86_64.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• RedHat Fedora lm_sensors-debuginfo-2.8.7-2.FC3.1.i386.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• RedHat Fedora lm_sensors-debuginfo-2.8.7-2.FC3.1.x86_64.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• RedHat Fedora lm_sensors-devel-2.8.7-2.FC3.1.i386.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• RedHat Fedora lm_sensors-devel-2.8.7-2.FC3.1.x86_64.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

lm_sensors lm_sensors 2.8.8

• RedHat Fedora lm_sensors-2.9.1-3.FC4.1.i386.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/


• RedHat Fedora lm_sensors-2.9.1-3.FC4.1.x86_64.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/


• RedHat Fedora lm_sensors-debuginfo-2.9.1-3.FC4.1.i386.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/


• RedHat Fedora lm_sensors-debuginfo-2.9.1-3.FC4.1.x86_64.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/


• RedHat Fedora lm_sensors-devel-2.9.1-3.FC4.1.i386.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/


• RedHat Fedora lm_sensors-devel-2.9.1-3.FC4.1.x86_64.rpm
  Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/


• Ubuntu libsensors-dev_2.8.8-7ubuntu2.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/libsensors-de v_2.8.8-7ubuntu2.1_amd64.deb


• Ubuntu libsensors-dev_2.8.8-7ubuntu2.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/libsensors-de v_2.8.8-7ubuntu2.1_i386.deb


• Ubuntu libsensors-dev_2.8.8-7ubuntu2.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/libsensors-de v_2.8.8-7ubuntu2.1_powerpc.deb


• Ubuntu libsensors3_2.8.8-7ubuntu2.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/libsensors3_2 .8.8-7ubuntu2.1_amd64.deb


• Ubuntu libsensors3_2.8.8-7ubuntu2.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/libsensors3_2 .8.8-7ubuntu2.1_i386.deb


• Ubuntu libsensors3_2.8.8-7ubuntu2.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/libsensors3_2 .8.8-7ubuntu2.1_powerpc.deb


• Ubuntu lm-sensors_2.8.8-7ubuntu2.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/lm-sensors_2. 8.8-7ubuntu2.1_amd64.deb


• Ubuntu lm-sensors_2.8.8-7ubuntu2.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/lm-sensors_2. 8.8-7ubuntu2.1_i386.deb


• Ubuntu lm-sensors_2.8.8-7ubuntu2.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/lm-sensors_2. 8.8-7ubuntu2.1_powerpc.deb


• Ubuntu sensord_2.8.8-7ubuntu2.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/sensord_2.8.8 -7ubuntu2.1_amd64.deb


• Ubuntu sensord_2.8.8-7ubuntu2.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/sensord_2.8.8 -7ubuntu2.1_i386.deb


• Ubuntu sensord_2.8.8-7ubuntu2.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/sensord_2.8.8 -7ubuntu2.1_powerpc.deb

lm_sensors lm_sensors 2.9

• Mandriva liblm_sensors3-2.9.0-4.1.102mdk.i586.rpm
  Mandrakelinux 10.2
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-devel-2.9.0-4.1.102mdk.i586.rpm
  Mandrakelinux 10.2
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-static-devel-2.8.4-2.1.100mdk.i586.rpm
  Mandrakelinux 10.0
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva liblm_sensors3-static-devel-2.9.0-4.1.102mdk.i586.rpm
  Mandrakelinux 10.2
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva lm_sensors-2.9.0-4.1.102mdk.i586.rpm
  Mandrakelinux 10.2
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva lm_sensors-2.9.0-4.1.102mdk.x86_64.rpm
  Mandrakelinux 10.2/X86_64
  http://www1.mandrivalinux.com/en/ftp.php3