John Goerzen

**Name of the Vulnerable Software and Affected Versions** C-Kermit versions through 10.0 Beta.12 (aka 416-beta12) before 244644d **Description** A remote Kermit system can overwrite files on the local system or retrieve arbitrary files from the local system. **Recommendations** Update to a version later than 244644d.

**Name of the Vulnerable Software and Affected Versions** Gopher client version 3.0.5 **Description** The issue is related to the improper creation of temporary files by gopher.c in the Gopher client, allowing local users to gain privileges. **Recommendations** For Gopher client version 3.0.5, update to a newer version that properly handles temporary file creation to prevent privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.