Tux Paint tuxpaint-import.sh Symlink Arbitrary File Overwrite

2006-01-16T08:02:36
ID OSVDB:22453
Type osvdb
Reporter Javier Fernandez-Sanguino Pena (jfs@computer.org)
Modified 2006-01-16T08:02:36

Description

Vulnerability Description

Tux Paint contains a flaw that may allow a malicious local user to overwrite or create arbitrary files on the system. The issue is due to the tuxpaint-import.sh script creating temporary files insecurely. A local user can use a symlink-style attack to manipulate arbitrary files, resulting in a loss of integrity.

Solution Description

Upgrade to version 0.9.15 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. Ubuntu users may upgrade to version 1:0.9.14-2ubuntu0.1. Debian users may upgrade to version 0.9.14-2sarge0.
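The insecure temporary-file pattern described above, next to two hardened forms and a regression check, as an added example. It is not code from tuxpaint-import.sh and not the fix shipped in 0.9.15; the function names and the `import.$$.tmp` file name are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed example; file names are assumptions, not taken from tuxpaint-import.sh.

# Weak: the name is guessable from the PID and plain '>' follows a symlink.
write_predictable() {                       # $1 = directory, $2 = data
    printf '%s\n' "$2" > "$1/import.$$.tmp"
}

# Hardened: mktemp picks an unpredictable name and creates the file
# exclusively (mode 0600), so a pre-existing link is never opened.
write_mktemp() {
    tmp=$(mktemp "$1/import.XXXXXX") || return 1
    printf '%s\n' "$2" > "$tmp"
}

# Hardened, fixed name: noclobber (set -C) makes '>' fail if the path exists.
write_noclobber() {
    ( set -C; printf '%s\n' "$2" > "$1/import.$$.tmp" ) 2>/dev/null
}

# Regression check: pre-create a link at the guessable name inside a private
# scratch directory, call the writer, and report whether the link's target
# kept its content. Returns 0 if the target is intact, 1 if it was overwritten.
target_intact_after() {                     # $1 = writer function name
    scratch=$(mktemp -d) || return 2
    printf 'original\n' > "$scratch/target"
    ln -s "$scratch/target" "$scratch/import.$$.tmp"
    "$1" "$scratch" "new data" || true      # a refused write is the safe outcome
    content=$(cat "$scratch/target")
    rm -rf "$scratch"
    [ "$content" = "original" ]
}

for w in write_predictable write_mktemp write_noclobber; do
    if target_intact_after "$w"; then
        echo "$w: target intact"
    else
        echo "$w: target overwritten"
    fi
done
```

The same check can be pointed at any shell function that writes scratch files, which makes it usable as a test when auditing other scripts for this class of flaw.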

References:

Vendor URL: http://www.newbreedsoftware.com/tuxpaint/
Secunia Advisory ID: 18475
Secunia Advisory ID: 18474
Secunia Advisory ID: 18476
Other Advisory URL: http://www.ubuntu.com/usn/usn-243-1
Other Advisory URL: http://www.debian.org/security/2006/dsa-941
CVE-2005-3340