CVE-2005-3349 Information

Description

GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.

Reference

http://secunia.com/advisories/17646 http://secunia.com/advisories/17647 http://secunia.com/advisories/17656 http://www.debian.org/security/2005/dsa-901 http://www.gentoo.org/security/en/glsa/glsa-200511-16.xml http://www.gnu.org/software/gnump3d/attacks.htmltemporary-files http://www.gnu.org/software/gnump3d/ChangeLog http://www.novell.com/linux/security/advisories/2005_28_sr.html http://www.securityfocus.com/bid/15497 http://www.vupen.com/english/advisories/2005/2489