sysstat post Script Symlink Arbitrary File Overwrite

2004-03-10T00:00:00
ID OSVDB:6885
Type osvdb
Reporter OSVDB
Modified 2004-03-10T00:00:00

Description

Vulnerability Description

Sysstat contains a flaw that may allow a malicious user to perform a symlink attack. The issue is due to the post script creating insecure temporary files. By creating a symbolic link for a file in /tmp to an arbitrary file on the system, a local attacker can overwrite arbitrary files on the system, resulting in a loss of integrity.
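The class of flaw described above, shown as an added example rather than sysstat's own script: a fixed temporary file name in a shared directory beside the `mktemp` form a script author would use instead. The function names, the `post.tmp` file name and the sandbox layout are hypothetical, constructed for the demonstration.

```shell
#!/bin/sh
# Added illustration; not code from sysstat. All names are hypothetical.

# Pattern behind the flaw: a fixed, predictable name in a shared directory.
# The shell redirection follows whatever already exists at that path,
# including a symbolic link created by another local user.
write_insecure() {
    dir=$1
    echo "report data" > "$dir/post.tmp"
}

# Hardened form: mktemp picks an unpredictable name and creates the file
# exclusively, so a file or link that already exists is never opened.
write_safe() {
    dir=$1
    tmp=$(mktemp "$dir/post.XXXXXX") || return 1
    echo "report data" > "$tmp"
    printf '%s\n' "$tmp"
}

# Constructed demo, confined to a private sandbox directory.
# Prints "<victim content after insecure write>|<after safe write>".
demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/tmp"
    echo "original" > "$sandbox/victim"
    # A link already sitting at the predictable path (stand-in for /tmp).
    ln -s "$sandbox/victim" "$sandbox/tmp/post.tmp"

    write_insecure "$sandbox/tmp"
    insecure_result=$(cat "$sandbox/victim")   # written through the link

    echo "original" > "$sandbox/victim"
    write_safe "$sandbox/tmp" > /dev/null
    safe_result=$(cat "$sandbox/victim")       # left untouched

    rm -rf "$sandbox"
    echo "$insecure_result|$safe_result"
}

demo
```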

Solution Description

Upgrade to Sysstat 5.0.2 or later, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Related OSVDB ID: 6884
RedHat RHSA: RHSA-2004:093
ISS X-Force ID: 15428
CVE-2004-0107
CIAC Advisory: o-097
Bugtraq ID: 9838