VULHUB ™

A vulnerability exists in versions of ispell, involving the way gnomerpm handles tmp files. ispell creates temporary files in the world-writeable /tmp directory with preditable filenames. It is possible for a malicious user to create symbolic links in /tmp with guessed/predicted filenames, knowing in advance that ispell will be run by a privileged user. When this happens, the files pointed to by the correctly guessed symbolic links will be overwritten.

A vulnerability exists in versions of ispell, involving the way gnomerpm handles tmp files. ispell creates temporary files in the world-writeable /tmp directory with preditable filenames. It is possible for a malicious user to create symbolic links in /tmp with guessed/predicted filenames, knowing in advance that ispell will be run by a privileged user. When this happens, the files pointed to by the correctly guessed symbolic links will be overwritten.