MidnightBSD

Advisories for becauseinter

CVE-2010-0118 LOW

Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files associated with a --hack_the_gibson update check.

CVSS 2.0

Severity: LOW

Problem Type: CWE-59,

Products Affected

Vendor Product Version
becauseinter bournal *
becauseinter bournal 0.8
becauseinter bournal 1.0
becauseinter bournal 0.9
becauseinter bournal 1.1
becauseinter bournal 0.1
becauseinter bournal 0.4.5
becauseinter bournal 0.7
becauseinter bournal 1.2
becauseinter bournal 0.2
becauseinter bournal 0.3
becauseinter bournal 1.3
becauseinter bournal 0.4
becauseinter bournal 0.6
CVE-2010-0119 LOW

Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its arguments, related to "echoing."

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
becauseinter bournal *
becauseinter bournal 0.8
becauseinter bournal 1.0
becauseinter bournal 0.9
becauseinter bournal 1.1
becauseinter bournal 0.1
becauseinter bournal 0.4.5
becauseinter bournal 0.7
becauseinter bournal 1.2
becauseinter bournal 0.2
becauseinter bournal 0.3
becauseinter bournal 1.3
becauseinter bournal 0.4
becauseinter bournal 0.6