CVE-2005-1853
gopher - insecure tmpfile handling
EPSS 0.05%
Description
gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain privileges.
How to fix CVE-2005-1853
To remediate CVE-2005-1853, upgrade the affected package to a fixed version below.
- Debian/gopher—upgrade to 3.0.8 or later
- Debian/gopher—upgrade to 3.0.3woody3 or later
Is CVE-2005-1853 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 3.0.8
- from 0, < 3.0.3woody3