HP-UX Shar Utility Insecure Temporary File Creation

2003-12-02T09:53:35
ID OSVDB:2890
Type osvdb
Reporter OSVDB
Modified 2003-12-02T09:53:35

Description

Vulnerability Description

The HP-UX 11.x shar utility contains a flaw that may lead to an escalation of a user's privileges. This flaw is due to the utility's creation of temporary files with predictable names.

Technical Description

The HP-UX shar utility contains a flaw that may allow a malicious user to overwrite arbitrary files using symbolic link attacks. The issue is triggered when the shar utility writes temporary files to an untrusted directory. By default this is /tmp, or the directory specified by the TMPDIR environment variable. The flaw may allow arbitrary files to be overwritten, resulting in a loss of confidentiality, integrity, and/or availability.
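
The weak pattern described above, beside two safer ways to create the file, as an added C example (not HP's shar source, which this page does not show). The function names and the "shar." file prefix are made up for illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Build "<TMPDIR or /tmp>/<name>", the two locations the advisory names. */
static int tmp_path(char *out, size_t len, const char *name) {
    const char *d = getenv("TMPDIR");
    int n = snprintf(out, len, "%s/%s", (d && *d) ? d : "/tmp", name);
    if (n < 0 || (size_t)n >= len) { errno = ENAMETOOLONG; return -1; }
    return 0;
}

/* WEAK: guessable name, no O_EXCL. If a symbolic link already sits at the
 * path, open() follows it and O_TRUNC empties the file it points to. */
int open_predictable(const char *name) {
    char path[PATH_MAX];
    if (tmp_path(path, sizeof path, name) != 0) return -1;
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened, fixed name: with O_CREAT|O_EXCL open() fails with EEXIST if
 * anything, a symbolic link included, already exists at the path. */
int open_exclusive(const char *name) {
    char path[PATH_MAX];
    if (tmp_path(path, sizeof path, name) != 0) return -1;
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Preferred: mkstemp() picks an unpredictable name and creates the file
 * exclusively with mode 0600. out receives the path ("shar." prefix is
 * a made-up label for this example). */
int open_private(char *out, size_t len) {
    if (tmp_path(out, len, "shar.XXXXXX") != 0) return -1;
    return mkstemp(out);
}

int main(void) {
    char path[PATH_MAX];
    int fd = open_private(path, sizeof path);
    if (fd < 0) { perror("mkstemp"); return 1; }
    printf("private temporary file: %s\n", path);
    close(fd);
    return unlink(path) != 0;
}
```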

Solution Description

Upgrade to version PHCO_29010 for HP-UX B.11.11, PHCO_29697 for HP-UX B.11.04 and PHCO_28954 for HP-UX B.11.00 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

To obtain the patches, log on to itrc.hp.com and download the patch listed above for your HP-UX version.

Short Description

The HP-UX 11.x shar utility contains a flaw that may lead to an escalation of a user's privileges. This flaw is due to the utility's creation of temporary files with predictable names.

References:

Secunia Advisory ID: 10339
ISS X-Force ID: 13882
Generic Informational URL: http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0312-304
Generic Informational URL: http://itrc.hp.com
CVE-2003-1099
CIAC Advisory: o-032
CERT VU: 509454
Bugtraq ID: 9141