PT-2005-1894 · Cdrecord · Cdrecord

Joey Hess

·

Published

2005-03-26

·

Updated

2018-10-03

·

CVE-2005-0866

CVSS v2.0

2.1

Low

VectorAV:L/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions cdrecord versions prior to 4:2.0
Description The issue allows local users to overwrite arbitrary files via a symlink attack on temporary files when DEBUG is enabled.
Recommendations For versions prior to 4:2.0, disable the DEBUG mode to prevent the symlink attack on temporary files.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0866

Affected Products

Cdrecord