Tiger Security Tool installsig Execute Arbitrary Command

2003-04-14T00:00:00
ID OSVDB:3167
Type osvdb
Reporter OSVDB
Modified 2003-04-14T00:00:00

Description

Vulnerability Description

Tiger Security Scanner has a flaw which allows local attackers to execute arbitrary commands with root privileges. The flaw is due to the util/installsig script not properly checking the DESTDIR variable. A local attacker can craft a command that the script executes via 'eval' with the privileges of the user running the Tiger utility (typically root).
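The bug class described above, as an added illustration that is not code from Tiger's util/installsig: a constructed install step that runs an unchecked DESTDIR through eval, beside a hardened form that validates the value and avoids eval. The function names, the allowed character set and the sample paths are assumptions made for the example.

```shell
#!/bin/sh
# Constructed illustration of the bug class; not Tiger's installsig.

# Weak pattern: eval re-parses the string, so shell metacharacters
# inside DESTDIR are interpreted as shell syntax instead of as data.
install_unsafe() {
    destdir=$1
    eval "echo installing signatures into $destdir"
}

# Check: absolute path, conservative character set, no ".." component.
# (The allowed set is an assumption; tighten it to the local layout.)
valid_destdir() {
    case $1 in
        /*) ;;
        *) return 1 ;;
    esac
    case $1 in
        *[!A-Za-z0-9_./-]*) return 1 ;;
        */../*|*/..) return 1 ;;
    esac
    return 0
}

# Hardened pattern: validate first, then use the value only as a quoted
# argument. No eval, so the value is never parsed as shell code.
install_safe() {
    destdir=$1
    if ! valid_destdir "$destdir"; then
        echo "refusing DESTDIR: invalid value" >&2
        return 1
    fi
    printf 'installing signatures into %s\n' "$destdir"
}

# Constructed sample value containing a shell metacharacter.
sample='/tmp/sig; echo INJECTED'
install_unsafe "$sample"
install_safe "$sample" || echo "hardened variant rejected the value"
```

When a script runs as root, the same check applies to every environment variable or argument it consumes, not only DESTDIR.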

Solution Description

Upgrade to version 3.1rc1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Generic Informational URL: http://savannah.nongnu.org/cgi-bin/viewcvs/tiger/tiger/CHANGES?rev=HEAD&content-type=text/vnd.viewcvs-markup