wmFrog Insecure Temporary File Creation

2004-11-24T08:24:10
ID OSVDB:12118
Type osvdb
Reporter Joey Hess
Modified 2004-11-24T08:24:10

Description

Vulnerability Description

wmFrog contains a flaw that may allow a malicious local user to perform certain actions with escalated privileges. By default it creates temporary files insecurely, which can be exploited via symlink attacks. The flaw may allow an attacker to create or overwrite arbitrary files with the privileges of the user running wmFrog, resulting in a loss of integrity.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workarounds:

1. Use the "-tmp" command line option to specify a secure temporary directory.
2. Grant only trusted users access to affected systems.

References:

Vendor URL: http://www.colar.net/wmapps/
Secunia Advisory ID: 13259
Secunia Advisory ID: 25686
Other Advisory URL: http://wmfrog.svn.sourceforge.net/svnroot/wmfrog/wmfrog/CHANGES
ISS X-Force ID: 18232
CVE-2004-2473
Bugtraq ID: 11743