phpGroupWare lang_extract.pl Arbitrary File Overwrite

2003-04-30T21:22:05
ID OSVDB:7619
Type osvdb
Reporter Norbert Bollow (nb@softwareeconomics.biz)
Modified 2003-04-30T21:22:05

Description

Vulnerability Description

phpGroupWare contains a flaw that may allow a malicious user to overwrite arbitrary files. The issue is triggered by the 'lang_extract.pl' script, which uses the same random seed. A malicious user with write permissions in temporary directories may be able to create a symlink and overwrite arbitrary files, resulting in a loss of integrity.
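
The class of weakness described above, shown next to its usual fix, as an added Perl example that is not taken from lang_extract.pl or phpGroupWare. It assumes the fixed seed is used to derive temporary file names, which the entry implies but does not spell out; the file names, the seed value and the helpers `predictable_name` and `open_exclusive` are constructed for illustration.

```perl
#!/usr/bin/perl
# Added example (not phpGroupWare code): predictable vs. safe temp-file creation.
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
use File::Temp qw(tempdir tempfile);

# Weak pattern (constructed): a fixed seed makes every run pick the same name.
sub predictable_name {
    my ($dir) = @_;
    srand(1);                                   # same seed on every run
    return sprintf("%s/lang_%06d.tmp", $dir, int(rand(1_000_000)));
}

# Hardened open: with O_CREAT|O_EXCL the call fails with EEXIST if anything,
# including a symlink, already exists at the path, so a link is never followed.
sub open_exclusive {
    my ($path) = @_;
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0600)
        or return;                              # caller gets undef, $! is set
    return $fh;
}

my $sandbox = tempdir(CLEANUP => 1);            # private directory for the demo
my $victim  = "$sandbox/important.conf";        # constructed stand-in file
open(my $v, '>', $victim) or die "victim: $!";
print {$v} "keep me\n";
close($v);

# Two calls return the same path: anyone can compute it ahead of time.
my $name = predictable_name($sandbox);
die "names differ" unless $name eq predictable_name($sandbox);

# Simulate a link already sitting at the predictable path.
symlink($victim, $name) or die "symlink: $!";

my $fh = open_exclusive($name);
print defined $fh ? "UNEXPECTED: opened through link\n"
                  : "exclusive open refused: $!\n";

# Preferred fix: File::Temp picks an unpredictable name and creates the file
# exclusively with mode 0600 in a single step.
my ($tfh, $tname) = tempfile('lang_XXXXXXXX', DIR => $sandbox, UNLINK => 1);
print {$tfh} "extracted strings\n";
close($tfh);

open($v, '<', $victim) or die "victim: $!";
print "victim still reads: ", scalar(<$v>);
```

A plain `open($fh, '>', $name)` on the same path would follow the link and truncate the target, which is the integrity loss the entry describes.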

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

References:

Vendor URL: http://www.phpgroupware.org/