DeleGate DGROOT World Writable File Creation

1999-07-21T00:00:00
ID OSVDB:6312
Type osvdb
Reporter Olaf Seibert(rhialto@polder.ubc.kun.nl)
Modified 1999-07-21T00:00:00

Description

Vulnerability Description

Delegate contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a user browses the Delegate /tmp structure occurs, which will disclose current configuration and status information resulting in a loss of confidentiality.

Solution Description

Upgrade to version 6.0.0 or higher (current is 8.9.3), as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Delegate contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a user browses the Delegate /tmp structure occurs, which will disclose current configuration and status information resulting in a loss of confidentiality.

References:

Vendor URL: http://www.delegate.org/delegate/updates/ Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/1999-q3/0174.html Other Advisory URL: http://marc.theaimsgroup.com/?l=bugtraq&m=93259112204664&w=2 ISS X-Force ID: 8438 CVE-1999-1338