ID CVE-2005-3341 Type cve Reporter cve@mitre.org Modified 2017-07-11T01:33:00
Description
DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files created by (1) register-q.sh and (2) register-p.sh.
{"securityvulns": [{"lastseen": "2018-08-31T11:10:15", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA 928-1 security@debian.org\r\nhttp://www.debian.org/security/ Martin Schulze\r\nDecember 27th, 2005 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : dhis-tools-dns\r\nVulnerability : insecure temporary file\r\nProblem type : local\r\nDebian-specific: no\r\nCVE ID : CVE-2005-3341\r\n\r\nJavier Fernandez-Sanguino Pena from the Debian Security Audit project\r\ndiscovered that two scripts in the dhis-tools-dns package, DNS\r\nconfiguration utilities for a dynamic host information System, which\r\nare usually executed by root, create temporary files in an insecure\r\nfashion.\r\n\r\nThe old stable distribution (woody) does not contain a dhis-tools-dns\r\npackage.\r\n\r\nFor the stable distribution (sarge) these problems have been fixed in\r\nversion 5.0-3sarge1.\r\n\r\nFor the unstable distribution (sid) these problems have been fixed in\r\nversion 5.0-5.\r\n\r\nWe recommend that you upgrade your dhis-tools-dns package.\r\n\r\n\r\nUpgrade Instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 3.1 alias sarge\r\n- --------------------------------\r\n\r\n Source archives:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1.dsc\r\n Size/MD5 checksum: 623 b5bb7245baec1eaea19bca6fed93a20d\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1.diff.gz\r\n Size/MD5 checksum: 4711 d2095bb5dbd01ad45eac91f17aa71dfa\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0.orig.tar.gz\r\n Size/MD5 checksum: 3535 9674e661082ad955010efd6d06686b82\r\n\r\n Alpha architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_alpha.deb\r\n Size/MD5 checksum: 7978 207fa0d62d5cf58685f7f0db185e08d4\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_alpha.deb\r\n Size/MD5 checksum: 8678 61934b801e98457666f28fd80e43dd53\r\n\r\n AMD64 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_amd64.deb\r\n Size/MD5 checksum: 7592 c98df83e0c69f857ab6d098c4c09ec41\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_amd64.deb\r\n Size/MD5 checksum: 8090 b6c4401b2cad0e2cb8fef248a783cc48\r\n\r\n ARM architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_arm.deb\r\n Size/MD5 checksum: 7432 03343675acb57b139d29ce92e0dd7750\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_arm.deb\r\n Size/MD5 checksum: 7854 d58346c9292b0b5991f83ef3d9dd7a1d\r\n\r\n Intel IA-32 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_i386.deb\r\n Size/MD5 checksum: 7330 29c880357067715b4ea639804f58ee6a\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_i386.deb\r\n Size/MD5 checksum: 7632 523f6a69be038c1d8ccb75f5e0cc2da9\r\n\r\n Intel IA-64 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_ia64.deb\r\n Size/MD5 checksum: 8692 091e101db6ebe1088b9f204611d6d20d\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_ia64.deb\r\n Size/MD5 checksum: 9396 3e1d7ed7784f23c2d1437a6c0e935287\r\n\r\n HP Precision architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_hppa.deb\r\n Size/MD5 checksum: 8106 40ffc96aa7b1bdbdf075a45ff4a020ca\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_hppa.deb\r\n Size/MD5 checksum: 8666 528294b6c32e7d694d7f5336294fccae\r\n\r\n Motorola 680x0 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_m68k.deb\r\n Size/MD5 checksum: 7352 6c552aa90253a73c05203cc23fc08a49\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_m68k.deb\r\n Size/MD5 checksum: 7774 6f56252d7552d86f1c26e61efe497b79\r\n\r\n Big endian MIPS architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_mips.deb\r\n Size/MD5 checksum: 8292 5874ebc2df9870cf2fa8025d32954051\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_mips.deb\r\n Size/MD5 checksum: 9970 8f0fe90a8941022445814684fb334f65\r\n\r\n Little endian MIPS architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_mipsel.deb\r\n Size/MD5 checksum: 8320 21e2f84d584507d08c134775832b4adf\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_mipsel.deb\r\n Size/MD5 checksum: 9938 16489ad8581b62e81b48da09b8b29fad\r\n\r\n PowerPC architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_powerpc.deb\r\n Size/MD5 checksum: 7778 a8b6300d9aa94a46b3a0b58ed0ca8333\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_powerpc.deb\r\n Size/MD5 checksum: 9404 064c6072f9f0aac62f474cff127dad15\r\n\r\n IBM S/390 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_s390.deb\r\n Size/MD5 checksum: 7736 6f4731b8f9e8b433537ce710b048db0f\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_s390.deb\r\n Size/MD5 checksum: 8182 cc1d5ed072b00670b6a5b970c2ac8629\r\n\r\n Sun Sparc architecture:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_sparc.deb\r\n Size/MD5 checksum: 7494 48715a9189a4cb3cf514a8bca423d113\r\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_sparc.deb\r\n Size/MD5 checksum: 7802 8c3e13cc4b95da0e4abd1926f11cfc94\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.2 (GNU/Linux)\r\n\r\niD8DBQFDsUIMW5ql+IAeqTIRAhkhAKCsoTfQHUogYp88tvGFLQ1EXaXWvwCfXgYj\r\n04twCj9EXBgTif0U63RjIOo=\r\n=cIG1\r\n-----END PGP SIGNATURE-----\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "modified": "2005-12-27T00:00:00", "published": "2005-12-27T00:00:00", "id": "SECURITYVULNS:DOC:10822", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:10822", "title": "[Full-disclosure] [SECURITY] [DSA 928-1] New dhis-tools-dns packages fix insecure temporary file creation", "type": "securityvulns", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "debian": [{"lastseen": "2019-05-30T02:22:02", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 928-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nDecember 27th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : dhis-tools-dns\nVulnerability : insecure temporary file\nProblem type : local\nDebian-specific: no\nCVE ID : CVE-2005-3341\n\nJavier Fern\u00e1ndez-Sanguino Pe\u00f1a from the Debian Security Audit project\ndiscovered that two scripts in the dhis-tools-dns package, DNS\nconfiguration utilities for a dynamic host information System, which\nare usually executed by root, create temporary files in an insecure\nfashion.\n\nThe old stable distribution (woody) does not contain a dhis-tools-dns\npackage.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 5.0-3sarge1.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 5.0-5.\n\nWe recommend that you upgrade your dhis-tools-dns package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1.dsc\n Size/MD5 checksum: 623 b5bb7245baec1eaea19bca6fed93a20d\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1.diff.gz\n Size/MD5 checksum: 4711 d2095bb5dbd01ad45eac91f17aa71dfa\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0.orig.tar.gz\n Size/MD5 checksum: 3535 9674e661082ad955010efd6d06686b82\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_alpha.deb\n Size/MD5 checksum: 7978 207fa0d62d5cf58685f7f0db185e08d4\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_alpha.deb\n Size/MD5 checksum: 8678 61934b801e98457666f28fd80e43dd53\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_amd64.deb\n Size/MD5 checksum: 7592 c98df83e0c69f857ab6d098c4c09ec41\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_amd64.deb\n Size/MD5 checksum: 8090 b6c4401b2cad0e2cb8fef248a783cc48\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_arm.deb\n Size/MD5 checksum: 7432 03343675acb57b139d29ce92e0dd7750\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_arm.deb\n Size/MD5 checksum: 7854 d58346c9292b0b5991f83ef3d9dd7a1d\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_i386.deb\n Size/MD5 checksum: 7330 29c880357067715b4ea639804f58ee6a\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_i386.deb\n Size/MD5 checksum: 7632 523f6a69be038c1d8ccb75f5e0cc2da9\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_ia64.deb\n Size/MD5 checksum: 8692 091e101db6ebe1088b9f204611d6d20d\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_ia64.deb\n Size/MD5 checksum: 9396 3e1d7ed7784f23c2d1437a6c0e935287\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_hppa.deb\n Size/MD5 checksum: 8106 40ffc96aa7b1bdbdf075a45ff4a020ca\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_hppa.deb\n Size/MD5 checksum: 8666 528294b6c32e7d694d7f5336294fccae\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_m68k.deb\n Size/MD5 checksum: 7352 6c552aa90253a73c05203cc23fc08a49\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_m68k.deb\n Size/MD5 checksum: 7774 6f56252d7552d86f1c26e61efe497b79\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_mips.deb\n Size/MD5 checksum: 8292 5874ebc2df9870cf2fa8025d32954051\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_mips.deb\n Size/MD5 checksum: 9970 8f0fe90a8941022445814684fb334f65\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_mipsel.deb\n Size/MD5 checksum: 8320 21e2f84d584507d08c134775832b4adf\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_mipsel.deb\n Size/MD5 checksum: 9938 16489ad8581b62e81b48da09b8b29fad\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_powerpc.deb\n Size/MD5 checksum: 7778 a8b6300d9aa94a46b3a0b58ed0ca8333\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_powerpc.deb\n Size/MD5 checksum: 9404 064c6072f9f0aac62f474cff127dad15\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_s390.deb\n Size/MD5 checksum: 7736 6f4731b8f9e8b433537ce710b048db0f\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_s390.deb\n Size/MD5 checksum: 8182 cc1d5ed072b00670b6a5b970c2ac8629\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-dns_5.0-3sarge1_sparc.deb\n Size/MD5 checksum: 7494 48715a9189a4cb3cf514a8bca423d113\n http://security.debian.org/pool/updates/main/d/dhis-tools-dns/dhis-tools-genkeys_5.0-3sarge1_sparc.deb\n Size/MD5 checksum: 7802 8c3e13cc4b95da0e4abd1926f11cfc94\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2005-12-27T00:00:00", "published": "2005-12-27T00:00:00", "id": "DEBIAN:DSA-928-1:88AE7", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00330.html", "title": "[SECURITY] [DSA 928-1] New dhis-tools-dns packages fix insecure temporary file creation", "type": "debian", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2019-02-21T01:09:31", "bulletinFamily": "scanner", "description": "Javier Fernandez-Sanguino Pena from the Debian Security Audit project discovered that two scripts in the dhis-tools-dns package, DNS configuration utilities for a dynamic host information System, which are usually executed by root, create temporary files in an insecure fashion.", "modified": "2018-08-10T00:00:00", "id": "DEBIAN_DSA-928.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=22794", "published": "2006-10-14T00:00:00", "title": "Debian DSA-928-1 : dhis-tools-dns - insecure temporary file", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-928. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22794);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/08/10 18:07:05\");\n\n script_cve_id(\"CVE-2005-3341\");\n script_xref(name:\"DSA\", value:\"928\");\n\n script_name(english:\"Debian DSA-928-1 : dhis-tools-dns - insecure temporary file\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Javier Fernandez-Sanguino Pena from the Debian Security Audit\nproject discovered that two scripts in the dhis-tools-dns package, DNS\nconfiguration utilities for a dynamic host information System, which\nare usually executed by root, create temporary files in an insecure\nfashion.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-928\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the dhis-tools-dns package.\n\nThe old stable distribution (woody) does not contain a dhis-tools-dns\npackage.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 5.0-3sarge1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dhis-tools-dns\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/12/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"dhis-tools-dns\", reference:\"5.0-3sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"dhis-tools-genkeys\", reference:\"5.0-3sarge1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:18", "bulletinFamily": "software", "description": "## Vulnerability Description\nDHIS Tools contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the script 'register-p.sh' creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.\n## Solution Description\nDebian users can upgrade to dhis-tools-dns version 5.0-3sarge1 or higher for the stable distribution (sarge), or version 5.0-5 for the unstable distribution (sid), as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nDHIS Tools contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the script 'register-p.sh' creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.\n## References:\n[Vendor Specific Advisory URL](http://www.debian.org/security/2005/dsa-928)\n[Secunia Advisory ID:18228](https://secuniaresearch.flexerasoftware.com/advisories/18228/)\n[Secunia Advisory ID:18227](https://secuniaresearch.flexerasoftware.com/advisories/18227/)\n[Related OSVDB ID: 21935](https://vulners.com/osvdb/OSVDB:21935)\n[CVE-2005-3341](https://vulners.com/cve/CVE-2005-3341)\n", "modified": "2005-12-27T09:18:36", "published": "2005-12-27T09:18:36", "href": "https://vulners.com/osvdb/OSVDB:21934", "id": "OSVDB:21934", "type": "osvdb", "title": "DHIS Tools register-p.sh Symlink Arbitrary File Overwrite", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:18", "bulletinFamily": "software", "description": "## Vulnerability Description\nDHIS Tools contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the script 'register-q.sh' creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.\n## Solution Description\nDebian users can upgrade to dhis-tools-dns version 5.0-3sarge1 or higher for the stable distribution (sarge), or version 5.0-5 for the unstable distribution (sid), as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nDHIS Tools contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the script 'register-q.sh' creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.\n## References:\n[Vendor Specific Advisory URL](http://www.debian.org/security/2005/dsa-928)\n[Secunia Advisory ID:18228](https://secuniaresearch.flexerasoftware.com/advisories/18228/)\n[Secunia Advisory ID:18227](https://secuniaresearch.flexerasoftware.com/advisories/18227/)\n[Related OSVDB ID: 21934](https://vulners.com/osvdb/OSVDB:21934)\n[CVE-2005-3341](https://vulners.com/cve/CVE-2005-3341)\n", "modified": "2005-12-27T09:18:36", "published": "2005-12-27T09:18:36", "href": "https://vulners.com/osvdb/OSVDB:21935", "id": "OSVDB:21935", "type": "osvdb", "title": "DHIS Tools register-q.sh Symlink Arbitrary File Overwrite", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update to dhis-tools-dns\nannounced via advisory DSA 928-1.\n\nJavier Fernandez-Sanguino Pena from the Debian Security Audit project\ndiscovered that two scripts in the dhis-tools-dns package, DNS\nconfiguration utilities for a dynamic host information System, which\nare usually executed by root, create temporary files in an insecure\nfashion.\n\nThe old stable distribution (woody) does not contain a dhis-tools-dns\npackage.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=56055", "id": "OPENVAS:56055", "title": "Debian Security Advisory DSA 928-1 (dhis-tools-dns)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_928_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 928-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 5.0-3sarge1.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 5.0-5.\n\nWe recommend that you upgrade your dhis-tools-dns package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20928-1\";\ntag_summary = \"The remote host is missing an update to dhis-tools-dns\nannounced via advisory DSA 928-1.\n\nJavier Fernandez-Sanguino Pena from the Debian Security Audit project\ndiscovered that two scripts in the dhis-tools-dns package, DNS\nconfiguration utilities for a dynamic host information System, which\nare usually executed by root, create temporary files in an insecure\nfashion.\n\nThe old stable distribution (woody) does not contain a dhis-tools-dns\npackage.\";\n\n\nif(description)\n{\n script_id(56055);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:07:13 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(16065);\n script_cve_id(\"CVE-2005-3341\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"Debian Security Advisory DSA 928-1 (dhis-tools-dns)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"dhis-tools-dns\", ver:\"5.0-3sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhis-tools-genkeys\", ver:\"5.0-3sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}
