CVSS2
Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
EPSS
Percentile: 10.1%
Issue Overview:
It was found [1] that the Capture::Tiny module, provided by the perl-Capture-Tiny package, used the File::Temp::tmpnam module to generate temporary files:
./lib/Capture/Tiny.pm: $stash->{flag_files}{$which} = scalar tmpnam();
This module makes use of the mktemp() function when called in scalar context, which creates significantly more predictable temporary files. Additionally, the temporary file is created with world-writable (0666) permissions. A local attacker could use this flaw to perform a symbolic link attack, overwriting arbitrary files accessible to a program using the Capture::Tiny module.
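The difference between the name-only call described above and atomic creation, as an added example that is not Capture::Tiny's code or the shipped fix. The function names and the `flagXXXXXXXX` template are hypothetical; only documented File::Temp and Fcntl calls are used.

```perl
#!/usr/bin/perl
# Added example: name-only vs. atomic temporary-file creation.
use strict;
use warnings;
use Fcntl qw(O_CREAT O_EXCL O_WRONLY);
use File::Temp qw(tempfile tmpnam);

# Pattern from the advisory: scalar tmpnam() returns only a NAME.
# Nothing exists on disk yet, so the name can be claimed by another
# local user before the caller opens it, and a plain open() would
# then create the file with mode 0666 (minus umask).
sub name_only_flag_file {
    my $path = scalar tmpnam();
    return $path;
}

# Hardened: tempfile() chooses the name and creates the file in one
# step (O_CREAT|O_EXCL, mode 0600) and returns an open handle.
sub atomic_flag_file {
    my ($fh, $path) = tempfile('flagXXXXXXXX', TMPDIR => 1, UNLINK => 1);
    return ($fh, $path);
}

# When a name has to be chosen first, O_EXCL makes the open fail if
# anything, including a symlink, already exists at that path.
sub exclusive_create {
    my ($path) = @_;
    sysopen(my $fh, $path, O_CREAT | O_EXCL | O_WRONLY, 0600)
        or die "refusing to use pre-existing path $path: $!\n";
    return $fh;
}

my $name = name_only_flag_file();
printf "tmpnam (scalar): %s exists=%s\n", $name, (-e $name ? 'yes' : 'no');

my ($fh, $path) = atomic_flag_file();
printf "tempfile: %s mode=%04o\n", $path, (stat $fh)[2] & 07777;

# First exclusive create succeeds; a second one on the same path is
# refused, which is the behaviour that defeats a pre-planted link.
my $fh2 = exclusive_create($name);
close $fh2;
my $second = eval { exclusive_create($name); 1 };
print "second exclusive create: ", ($second ? "succeeded" : "refused"), "\n";
unlink $name;
```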
Affected Packages:
perl-Capture-Tiny
Issue Correction:
Run yum update perl-Capture-Tiny to update your system.
New Packages:
noarch:
perl-Capture-Tiny-0.24-1.5.amzn1.noarch
src:
perl-Capture-Tiny-0.24-1.5.amzn1.src
Red Hat: CVE-2014-1875
Mitre: CVE-2014-1875
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | noarch | perl-capture-tiny | < 0.24-1.5.amzn1 | perl-Capture-Tiny-0.24-1.5.amzn1.noarch.rpm |