27 lines
852 B
Diff
27 lines
852 B
Diff
|
|
||
|
CVE-2008-1078 am-utils: insecure usage of temporary files
|
||
|
|
||
|
Addresses-Red-Hat-Bugzilla: #435420
|
||
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||
|
|
||
|
diff -up am-utils-6.1.5/scripts/expn.in.kzak am-utils-6.1.5/scripts/expn.in
|
||
|
--- am-utils-6.1.5/scripts/expn.in.kzak 2008-05-29 12:43:19.000000000 +0200
|
||
|
+++ am-utils-6.1.5/scripts/expn.in 2008-05-29 12:44:20.000000000 +0200
|
||
|
@@ -9,6 +9,7 @@
|
||
|
# hardcoded constants, should work fine for BSD-based systems
|
||
|
#require 'sys/socket.ph'; # perl 4
|
||
|
use Socket; # perl 5
|
||
|
+use Fcntl
|
||
|
$AF_INET = &AF_INET;
|
||
|
$SOCK_STREAM = &SOCK_STREAM;
|
||
|
|
||
|
@@ -1009,7 +1010,7 @@ sub mxlookup
|
||
|
}
|
||
|
|
||
|
$0 = "$av0 - nslookup of $server";
|
||
|
- open(T,">/tmp/expn$$") || die "open > /tmp/expn$$: $!\n";
|
||
|
+ sysopen(T,"/tmp/expn$$", O_EXCL | O_CREAT) || die "open > /tmp/expn$$: $!\n";
|
||
|
print T "set querytype=MX\n";
|
||
|
print T "$server\n";
|
||
|
close(T);
|