InoculateIT Linux finoregupdate Script /tmp Symlink

2004-02-09T00:00:00
ID OSVDB:4735
Type osvdb
Reporter l0om(l0om@excluded.org)
Modified 2004-02-09T00:00:00

Description

Vulnerability Description

eTrust InoculateIT contains a flaw that may allow a local user to access, create or overwrite arbitrary files. The flaw is due to the "finoregupdate" script creating insecure files in the /tmp directory. If an attacker creates a symlink before the file does, they can use it to leverage access to privileged files.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

eTrust InoculateIT contains a flaw that may allow a local user to access, create or overwrite arbitrary files. The flaw is due to the "finoregupdate" script creating insecure files in the /tmp directory. If an attacker creates a symlink before the file does, they can use it to leverage access to privileged files.

References:

Related OSVDB ID: 3896 Related OSVDB ID: 4855 Related OSVDB ID: 4856 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-02/0235.html ISS X-Force ID: 15102 CVE-2004-0267 Bugtraq ID: 9616