Mandrake Linux ksymoops-gznm Arbitrary File Deletion

2004-06-12T04:40:17
ID OSVDB:6947
Type osvdb
Reporter Geoffrey Lee
Modified 2004-06-12T04:40:17

Description

Vulnerability Description

Mandrake Linux contains a flaw that may allow a malicious user to perform a symlink attack. The issue is due to insecure temporary file creation in the "/tmp" directory by the ksymoops-gznm script. The flaw may allow a local attacker to delete arbitrary files on the system by placing a symlink that points to the target file, resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, MandrakeSoft has released a patch to address this vulnerability.
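
The general hardening pattern for this class of flaw in a shell script, as an added example: it is not the ksymoops-gznm script and not MandrakeSoft's patch. The helper names (`make_scratch`, `safe_cleanup`, `with_scratch`) and the `scratch.` prefix are hypothetical.

```shell
#!/bin/sh
# Added illustration with hypothetical helper names; not code from
# ksymoops-gznm or from the vendor patch.
#
# Insecure pattern (kept as a comment only): a predictable name such as
#   tmp=/tmp/scratch.$$ ; ... ; rm -f "$tmp"
# can already exist, placed there by another local user, when the script runs.

make_scratch() {
    # mktemp -d creates the directory atomically with a random suffix and
    # owner-only permissions. It fails instead of reusing an existing name,
    # so a pre-planted file or symlink is never adopted.
    mktemp -d "${TMPDIR:-/tmp}/scratch.XXXXXXXXXX"
}

safe_cleanup() {
    # Remove a scratch directory, refusing anything that is a symlink or
    # is not a directory at all.
    dir=$1
    [ -n "$dir" ] || return 1
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "refusing to remove $dir: not a real directory" >&2
        return 1
    fi
    rm -rf -- "$dir"
}

with_scratch() {
    # Run the given command with the scratch directory appended as its
    # last argument, then clean up whether or not the command succeeded.
    scratch=$(make_scratch) || return 1
    "$@" "$scratch"
    status=$?
    safe_cleanup "$scratch"
    return "$status"
}
```

All temporary files are then created inside the private directory, so no name in the shared "/tmp" namespace is ever predictable.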

References:

Security Tracker: 1010466
Secunia Advisory ID: 11845
Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:060
ISS X-Force ID: 16392
CVE-2004-0581
Bugtraq ID: 10516