Joined: 12 May 2004
|Posted: Wed Jun 08, 2005 4:12 pm Post subject: [ GLSA 200506-05 ] SilverCity: Insecure file permissions
|Gentoo Linux Security Advisory
Title: SilverCity: Insecure file permissions (GLSA 200506-05)
Date: June 08, 2005
Updated: May 22, 2006
Executable files with insecure permissions can be modified causing an
unsuspecting user to run arbitrary code.
SilverCity provides lexical analysis for over 20 programming and markup
Vulnerable: < 0.9.5-r1
Unaffected: >= 0.9.5-r1
Architectures: All supported architectures
The SilverCity package installs three executable files with insecure
A local attacker could modify the executable files, causing arbitrary
code to be executed with the permissions of an unsuspecting SilverCity
There are no known workarounds at this time.
All SilverCity users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/silvercity-0.9.5-r1"
Last edited by GLSA on Sat Apr 02, 2011 4:19 am; edited 6 times in total