ECLiPt eroaster Insecure Lockfile Creation

2003-08-20T03:26:13
ID OSVDB:2143
Type osvdb
Reporter OSVDB
Modified 2003-08-20T03:26:13

Description

Vulnerability Description

ECLiPt eroaster (a GUI front end for the cdrecord and mkisofs utilities) creates temporary files in an insecure manner, which may allow malicious local users to overwrite arbitrary files with the privileges of the user running eroaster.

Technical Description

ECLiPt eroaster creates its lockfile at a predictable path without first checking whether an entry already exists there. A local attacker can therefore pre-create a symbolic link at that path so that, when eroaster opens and writes the lockfile, the write lands on whatever file the link points to, overwriting it with the permissions of the user running eroaster. This could lead to privilege escalation or system compromise if eroaster is being run as a privileged user.
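The following is an added illustration of the flaw class described above, not code from eroaster or from the advisory. It builds a throwaway stand-in for /tmp, plants a symlink at a predictable lockfile name (the name eroaster.lock and the directory are assumptions; the advisory does not give the real path), and runs both the insecure open pattern and a hardened one against it:

```python
import errno
import os
import shutil
import stat
import tempfile

# Hypothetical lockfile name: the advisory only says the path is predictable
# and sits where a local attacker can pre-create it.
LOCK_NAME = "eroaster.lock"
ORIGINAL = "important data\n"  # constructed victim content


def vulnerable_create_lock(shared_dir):
    """The pattern the advisory describes: a predictable name opened for
    writing with no check for a pre-existing entry. open(..., "w") follows a
    symlink and truncates whatever it points at."""
    path = os.path.join(shared_dir, LOCK_NAME)
    with open(path, "w") as fh:
        fh.write("%d\n" % os.getpid())
    return path


def safe_create_lock(shared_dir):
    """Hardened version: O_CREAT|O_EXCL makes the open fail if any directory
    entry (regular file or symlink) already exists, O_NOFOLLOW refuses
    symlinks outright where the platform supports it, and mode 0600 keeps
    the lockfile private."""
    path = os.path.join(shared_dir, LOCK_NAME)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write("%d\n" % os.getpid())
    return path


def plant_symlink(shared_dir, target):
    """Attacker step: pre-create the predictable name as a symlink to the
    file the attacker wants overwritten."""
    os.symlink(target, os.path.join(shared_dir, LOCK_NAME))


def build_sandbox():
    """Constructed stand-in for /tmp plus a victim file, so the demo runs
    offline without touching the real system directories."""
    root = tempfile.mkdtemp(prefix="eroaster-demo-")
    shared = os.path.join(root, "tmp")
    os.mkdir(shared)
    victim = os.path.join(root, "victim.txt")
    with open(victim, "w") as fh:
        fh.write(ORIGINAL)
    return root, shared, victim


def read(path):
    with open(path) as fh:
        return fh.read()


def run_demo():
    results = {}

    # 1. Insecure pattern against a planted symlink: the victim is clobbered.
    root, shared, victim = build_sandbox()
    plant_symlink(shared, victim)
    vulnerable_create_lock(shared)
    results["vulnerable_clobbered"] = read(victim) != ORIGINAL
    shutil.rmtree(root)

    # 2. Hardened pattern against the same planted symlink: the open is
    #    refused (EEXIST, or ELOOP where O_NOFOLLOW wins) and the victim is
    #    untouched.
    root, shared, victim = build_sandbox()
    plant_symlink(shared, victim)
    try:
        safe_create_lock(shared)
        results["safe_refused"] = False
    except OSError as exc:
        results["safe_refused"] = exc.errno in (errno.EEXIST, errno.ELOOP)
    results["victim_intact"] = read(victim) == ORIGINAL
    shutil.rmtree(root)

    # 3. Hardened pattern with no attacker: the first lock is a private
    #    regular file and a second attempt fails, which is exactly the
    #    mutual-exclusion behaviour a lockfile is for.
    root, shared, _ = build_sandbox()
    path = safe_create_lock(shared)
    st = os.lstat(path)
    results["lock_is_regular_private"] = (
        stat.S_ISREG(st.st_mode) and stat.S_IMODE(st.st_mode) == 0o600
    )
    try:
        safe_create_lock(shared)
        results["second_lock_refused"] = False
    except FileExistsError:
        results["second_lock_refused"] = True
    shutil.rmtree(root)
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print("%-24s %s" % (key, value))
```

The O_EXCL check is the essential part: POSIX guarantees that O_CREAT|O_EXCL fails if the name already exists, even when the existing entry is a symbolic link, so the attacker's pre-planted link can no longer redirect the write. Keeping the lockfile in a directory only the user can write to (rather than a shared /tmp) removes the race entirely and is the better fix where the design allows it.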

Solution Description

Upgrade to eroaster-2.1.0-r2 or higher.

On Mandrake, install the appropriate patch:

  9.0/RPMS/eroaster-2.1.0-6.1mdk.noarch.rpm
  9.0/SRPMS/eroaster-2.1.0-6.1mdk.src.rpm
  9.1/RPMS/eroaster-2.1.0-6.1mdk.noarch.rpm
  9.1/SRPMS/eroaster-2.1.0-6.1mdk.src.rpm
  corporate/2.1/RPMS/eroaster-2.1.0-6.1mdk.noarch.rpm
  corporate/2.1/SRPMS/eroaster-2.1.0-6.1mdk.src.rpm

On Debian, upgrade to 2.1.0.0.3-2woody1 (woody, stable) or 2.2.0-0.5-1 (sid, unstable).

Short Description

ECLiPt eroaster (a GUI front end for the cdrecord and mkisofs utilities) creates temporary files in an insecure manner, which may allow malicious local users to overwrite arbitrary files with the privileges of the user running eroaster.

References:

Vendor Specific Solution URL: http://www.debian.org/security/2003/dsa-366
Vendor Specific Advisory URL:
Secunia Advisory ID: 9568
Secunia Advisory ID: 9655
Secunia Advisory ID: 9455
ISS X-Force ID: 12829
CVE ID: CVE-2003-0656
Bugtraq ID: 8350