Testtrack For Linux Race Condition

`Software: Testtrack for Linux  
Vulnerability : Symlink  
Problem type : local  
Debian-specific: dono  
CVE IDs : CVE-2012-1201  
Date : Mar 20, 2012  
Affected : min Feb 20, 2012  
  
  
Problem Description:  
  
Racecondition in Testtrack for Linux  
  
  
References:  
  
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1201  
  
  
Software:  
  
Deliver Quality with TestTrack  
  
TestTrack is the definitive tool suite to manage all application  
development phases and artifacts. From requirements, user  
stories and release planning, through sprints, assignments  
and work items, to test cases, QA cycles, defect resolutions and  
releases, TestTrack helps you deliver quality products on time.  
  
[..]  
  
  
Problem:  
  
In the Linux Installation of Testtrack, there is an Init-Script  
called spls, that "suffers" from a race condition.  
  
  
Details:  
  
Race in pidofproc()  
splicsrv  
Init file for Seapine License Server  
  
[..]  
  
OSNAME=`uname -s` <-- deep into uname skills :p  
  
[..]  
  
# function to find the pid of a program  
pidofproc() {  
base=`basename $1`  
# removed pidof command for awk script that parse ps output - MJT  
# pid=`pidof -o $$ -o $PPID -o %PPID -x ${base}`  
ps -ef > /tmp/ps.tbl  
pid=`awk -F" " '/\/splicsvr/ {print $2}' /tmp/ps.tbl`  
rm -rf /tmp/ps.tbl > /dev/null 2>&1  
if [ "$pid" != "" ]  
then  
echo $pid  
return 0  
fi  
}  
  
[..]  
  
Vendor Communication:  
  
20 Feb -- notified.  
20 Mar -- No response after 30 days -> "disclosed"  
  
  
Misc Notes:  
  
I also tried to kill arbitrary pids, but someone was so clever to match  
them in /proc instead of killing them.  
  
In the end, the sofware seems not activly maintained.  
  
  
Greetings:  
  
To CVE Team for being uncomplicated.  
To pancake for being nice.  
To srm, Dude! don't drink so much.  
To those, who trust me.  
To all who stay real.  
  
  
Simon  
.  
  
`