sysstat trigger Script Symlink Arbitrary File Overwrite

2004-03-10T00:00:00
ID OSVDB:6884
Type osvdb
Reporter OSVDB
Modified 2004-03-10T00:00:00

Description

Vulnerability Description

Sysstat contains a flaw that may allow a malicious user to overwrite arbitrary files. The issue is triggered when a malicious user creates symbolic links in the /tmp directory. The flaw may allow privilege escalation and the deletion of arbitrary files, resulting in a loss of confidentiality and integrity.

Solution Description

Upgrade to Sysstat 5.0.2 or later, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. Users will need to consult their distribution-specific documentation, as binary packages might use a different naming scheme or ship a customized version of sysstat that varies from the source upgrade and binary package listed.

References:

Vendor URL: http://perso.wanadoo.fr/sebastien.godard/
Related OSVDB ID: 6885
RedHat RHSA: RHSA-2004:093
ISS X-Force ID: 15428
CVE-2004-0107
CIAC Advisory: o-097
Bugtraq ID: 9838