Multiple Gopher Client Insecure Temporary File Creation Privilege Escalation

2005-07-29T11:51:53
ID OSVDB:18390
Type osvdb
Reporter John Goerzen
Modified 2005-07-29T11:51:53

Description

Vulnerability Description

Gopher contains a flaw that may allow a malicious local user to overwrite or create arbitrary files on the system. The issue is due to routines in the 'gopher.c' file creating temporary files insecurely in the /tmp directory. A local user can use a symlink-style attack to manipulate arbitrary files, resulting in a loss of integrity.
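
The insecure temporary-file pattern described above, shown next to two safe replacements. This is an added example, not code from gopher.c or the gopher project; the function names, the file name gopher.tmp and the scratch-directory scenario are assumptions constructed for illustration.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak pattern: predictable name, no O_EXCL. open() follows a symlink that
 * already sits at `path`, and O_TRUNC empties whatever it points to. */
int open_tmp_weak(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: with O_CREAT|O_EXCL, open() fails with EEXIST if anything exists
 * at `path`, including a symlink (even a dangling one). */
int open_tmp_excl(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Preferred: mkstemp() picks an unpredictable name and creates it exclusively
 * with mode 0600. `tmpl` must be writable and end in "XXXXXX". */
int open_tmp_mkstemp(char *tmpl) {
    return mkstemp(tmpl);
}

/* Constructed scenario inside a private scratch directory: a 9-byte file
 * stands in for a file the program's user can write, and a symlink to it
 * occupies the predictable temp name. Returns the file's size afterwards. */
long protected_size_after(int (*opener)(const char *)) {
    char dir[] = "/tmp/tmpdemo.XXXXXX", target[64], lnk[64];
    struct stat st; long size = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/protected", dir);
    snprintf(lnk, sizeof lnk, "%s/gopher.tmp", dir); /* hypothetical name */
    FILE *f = fopen(target, "w");
    if (f) { fputs("keep this", f); fclose(f); }
    if (f && symlink(target, lnk) == 0) {
        int fd = opener(lnk);
        if (fd >= 0) close(fd);
        if (stat(target, &st) == 0) size = (long)st.st_size;
    }
    unlink(lnk); unlink(target); rmdir(dir);
    return size;
}

int main(void) {
    printf("weak open:   %ld bytes left\n", protected_size_after(open_tmp_weak));
    printf("O_EXCL open: %ld bytes left\n", protected_size_after(open_tmp_excl));
}
```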

Solution Description

Upgrade to version 3.0.8 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Security Tracker: 1014599
Secunia Advisory ID: 16277
Secunia Advisory ID: 16275
Secunia Advisory ID: 16413
Other Advisory URL: http://www.debian.org/security/2005/dsa-773
Other Advisory URL: http://www.debian.org/security/2005/dsa-770
Nessus Plugin ID: 19319
CVE-2005-1853