PT-2005-1042 · Gtk+ · Gtkdiskfree

Eric Romang · Published 2005-09-15 · Updated 2016-10-18 · CVE-2005-2918

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions
gtkdiskfree version 1.9.3 and earlier

Description
The issue allows local users to overwrite arbitrary files via a symlink attack on the gtkdiskfree temporary file, potentially leading to data integrity violations. Additionally, there are multiple vulnerabilities in the gtkdiskfree package that can be exploited remotely, compromising the integrity of protected information.

Recommendations
For gtkdiskfree version 1.9.3 and earlier, consider restricting access to the open_cmd_tube function in mount.c until a patch is available. As a temporary workaround, avoid using the open_cmd_tube function to minimize the risk of exploitation.


Related identifiers

BDU:2015-03280
CVE-2005-2918
DSA-822-1

Affected products

Gtkdiskfree