• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

mindi Temporary File Creation Vulnerabilities

Debian has reported that Mindi is affected by several temporary file creation vulnerabilities that could allow for corruption of local files and, possibly, elevation of privileges. Throughout it's operation, mindi creates numerous files in /tmp with predictable filenames. Because /tmp is world-writeable, symbolic link attacks are possible.