CVE-2006-1695
EPSS 0.07%fbi - insecure temporary file
Published: 4/11/2006Modified: 4/28/2026
Also known as:DEBIAN-CVE-2006-1695
Description
The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-[PID].
Affected packages (2)
- Debian/fbifrom 0, < 2.05-1
- Debian/fbifrom 0, < 1.23woody1