Vladz

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.6.0 PEAR (affected versions not specified) **Description** The issue allows local users to write to arbitrary files via a symlink attack on a rest.cachefile or rest.cacheid file in /tmp/pear/cache. This is related to the retrieveCacheFirst and useLocalCache functions in the PEAR REST class in REST.php. **Recommendations** For PHP versions prior to 5.6.0, consider updating to a version that is not affected by this issue. As a temporary workaround, consider restricting access to the /tmp/pear/cache/ directory to minimize the risk of exploitation. Avoid using the retrieveCacheFirst and useLocalCache functions in the PEAR REST class until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** bzip2 versions 1.0.5 and earlier **Description** The issue arises from the bzexe command in bzip2, which generates compressed executables that do not properly handle temporary files during extraction. This allows local users to execute arbitrary code by precreating a temporary directory. **Recommendations** For bzip2 versions 1.0.5 and earlier, consider updating to a version later than 1.0.5 to resolve the issue. As a temporary workaround, restrict access to the bzexe command to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** X.Org X wrapper versions (affected versions not specified) Debian GNU/Linux (affected versions not specified) Ubuntu Linux (affected versions not specified) **Description** The issue allows local users to bypass intended access restrictions. Multiple vulnerabilities in the xorg package may lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited by a local attacker. **Recommendations** For X.Org X wrapper, consider restricting access to the xserver-wrapper.c file until a patch is available. For Debian GNU/Linux and Ubuntu Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** gdm versions prior to 2.21.1 gdm-docs versions 2.16.0 gdm-debuginfo versions 2.16.0 initscripts versions 8.45.42 initscripts-debuginfo versions 8.45.42 **Description** The issue allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/. This can lead to a disruption of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be carried out locally. **Recommendations** For gdm versions prior to 2.21.1, update to version 2.21.1 or later to resolve the issue. For gdm-docs versions 2.16.0, consider disabling the vulnerable component until a patch is available. For gdm-debuginfo versions 2.16.0, restrict access to the vulnerable module to minimize the risk of exploitation. For initscripts versions 8.45.42, avoid using the vulnerable parameters in the affected API endpoint until the issue is resolved. For initscripts-debuginfo versions 8.45.42, as a temporary workaround, consider disabling the vulnerable function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** MySQL Server version 5.5 **Description** A race condition in the post-installation script for MySQL Server 5.5 creates a configuration file with world-readable permissions before restricting the permissions. This allows local users to read the file and obtain sensitive information, such as credentials. **Recommendations** For MySQL Server version 5.5, consider restricting access to the configuration file until the permissions are properly set, or manually adjust the permissions to prevent unauthorized access. As a temporary workaround, restrict read access to the configuration file to minimize the risk of credential exposure.

**Name of the Vulnerable Software and Affected Versions** xorg-server versions prior to 1.10.4-r1 xserver versions prior to 1.11.2 **Description** The issue concerns multiple vulnerabilities in the xorg-server package, which can be exploited locally to compromise the confidentiality of protected information. Specifically, the LockServer function in os/utils.c in X.Org xserver is vulnerable to a symlink attack on a temporary lock file, allowing local users to determine the existence of arbitrary files. **Recommendations** For xorg-server versions prior to 1.10.4-r1, update to version 1.10.4-r1 or later to resolve the issue. For xserver versions prior to 1.11.2, update to version 1.11.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the LockServer function to minimize the risk of exploitation.