Description
The SDL port of abuse (abuse-SDL) before 2.00 does not properly drop privileges before creating certain files, which allows local users to create or overwrite arbitrary files.
Affected products
References
- MISChttp://www.osvdb.org/14610
- VENDOR_ADVISORYhttp://secunia.com/advisories/14495
- VENDOR_ADVISORYhttp://www.debian.org/security/2005/dsa-691