• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

SANE Insecure Temporary File Creation Vulnerability

Solution:
This issue has been addressed in SANE 1.0.7-beta1 and later. Additional upgrades are also available.

Conectiva Linux has released an advisory (CLA-2003:769) to address this issue. Please see the referenced advisory for more information.


SANE SANE 1.0 .0

• SANE sane-1.0.7-beta2
  ftp://ftp.mostang.com/pub/sane/sane-1.0.7-beta2

SANE SANE 1.0.1

• SANE sane-1.0.7-beta2
  ftp://ftp.mostang.com/pub/sane/sane-1.0.7-beta2

SANE SANE 1.0.2

• SANE sane-1.0.7-beta2
  ftp://ftp.mostang.com/pub/sane/sane-1.0.7-beta2

SANE SANE 1.0.3

• Red Hat sane-1.0.3-10.1.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/sane-1.0.3-10.1.alpha.rpm


• Red Hat sane-1.0.3-10.1.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/sane-1.0.3-10.1.i386.rpm


• Red Hat sane-1.0.3-10.1.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/sane-1.0.3-10.1.ia64.rpm


• Red Hat sane-1.0.3-2.1.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/sane-1.0.3-2.1.alpha.rpm


• Red Hat sane-1.0.3-2.1.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/sane-1.0.3-2.1.i386.rpm


• Red Hat sane-devel-1.0.3-10.1.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/sane-devel-1.0.3-10.1.alpha.r pm


• Red Hat sane-devel-1.0.3-10.1.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/sane-devel-1.0.3-10.1.i386.rpm


• Red Hat sane-devel-1.0.3-10.1.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/sane-devel-1.0.3-10.1.ia64.rpm


• Red Hat sane-devel-1.0.3-2.1.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/sane-devel-1.0.3-2.1.alpha.rp m


• Red Hat sane-devel-1.0.3-2.1.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/sane-devel-1.0.3-2.1.i386.rpm


• Red Hat xsane-0.82-2.1.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/xsane-0.82-2.1.alpha.rpm


• Red Hat xsane-0.82-2.1.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/xsane-0.82-2.1.i386.rpm


• Red Hat xsane-0.82-3.1.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/xsane-0.82-3.1.alpha.rpm


• Red Hat xsane-0.82-3.1.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/xsane-0.82-3.1.i386.rpm


• Red Hat xsane-0.82-3.1.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/xsane-0.82-3.1.ia64.rpm


• Red Hat xsane-gimp-0.82-2.1.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/xsane-gimp-0.82-2.1.alpha.rpm


• Red Hat xsane-gimp-0.82-2.1.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/xsane-gimp-0.82-2.1.i386.rpm


• Red Hat xsane-gimp-0.82-3.1.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/xsane-gimp-0.82-3.1.alpha.rpm


• Red Hat xsane-gimp-0.82-3.1.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/xsane-gimp-0.82-3.1.i386.rpm


• Red Hat xsane-gimp-0.82-3.1.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/xsane-gimp-0.82-3.1.ia64.rpm


• SANE sane-1.0.7-beta2
  ftp://ftp.mostang.com/pub/sane/sane-1.0.7-beta2

SANE SANE 1.0.4

• Conectiva sane-1.0.4-3U70_1cl.i386.rpm
  Upgrade for Conectiva Linux 7.
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sane-1.0.4-3U70_1cl.i386. rpm


• Conectiva sane-devel-1.0.4-3U70_1cl.i386.rpm
  Upgrade for Conectiva Linux 7.
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sane-devel-1.0.4-3U70_1cl .i386.rpm


• Conectiva sane-devel-static-1.0.4-3U70_1cl.i386.rpm
  Upgrade for Conectiva Linux 7.
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sane-devel-static-1.0.4-3 U70_1cl.i386.rpm


• SANE sane-1.0.7-beta2
  ftp://ftp.mostang.com/pub/sane/sane-1.0.7-beta2

SANE SANE 1.0.5

• Red Hat sane-backends-1.0.5-4.1.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/sane-backends-1.0.5-4.1.i386.r pm


• Red Hat sane-backends-1.0.5-4.1.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/sane-backends-1.0.5-4.1.ia64.r pm


• Red Hat sane-backends-devel-1.0.5-4.1.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/sane-backends-devel-1.0.5-4.1. i386.rpm


• Red Hat sane-backends-devel-1.0.5-4.1.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/sane-backends-devel-1.0.5-4.1. ia64.rpm


• Red Hat xsane-0.82-3.1.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/xsane-0.82-3.1.i386.rpm


• Red Hat xsane-0.82-3.1.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/xsane-0.82-3.1.ia64.rpm


• Red Hat xsane-gimp-0.82-3.1.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/xsane-gimp-0.82-3.1.i386.rpm


• Red Hat xsane-gimp-0.82-3.1.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/xsane-gimp-0.82-3.1.ia64.rpm


• SANE sane-1.0.7-beta2
  ftp://ftp.mostang.com/pub/sane/sane-1.0.7-beta2

SANE SANE 1.0.6

• Conectiva sane-1.0.6-3U80_1cl.i386.rpm
  Upgrade for Conectiva Linux 8.
  ftp://atualizacoes.conectiva.com.br/8/RPMS/sane-1.0.6-3U80_1cl.i386.rp m


• Conectiva sane-devel-1.0.6-3U80_1cl.i386.rpm
  Upgrade for Conectiva Linux 8.
  ftp://atualizacoes.conectiva.com.br/8/RPMS/sane-devel-1.0.6-3U80_1cl.i 386.rpm


• Conectiva sane-devel-static-1.0.6-3U80_1cl.i386.rpm
  Upgrade for Conectiva Linux 8.
  ftp://atualizacoes.conectiva.com.br/8/RPMS/sane-devel-static-1.0.6-3U8 0_1cl.i386.rpm


• SANE sane-1.0.7-beta2
  ftp://ftp.mostang.com/pub/sane/sane-1.0.7-beta2