ISS X-Force Database: openofficeorg-tmpfile-insecure-permissions(17312): OpenOffice.org temporary file has insecure permissions

OpenOffice.org temporary file has insecure permissions

openofficeorg-tmpfile-insecure-permissions (17312)

Medium Risk

Description:

OpenOffice.org could allow a local attacker to obtain sensitive information. OpenOffice.org creates the /tmp/sv<RAND>.tmp directory with world-readable permissions. A local attacker could view arbitrary files in this directory.

Note: StarOffice version 7 is also affected by this vulnerability.

Consequences:

Obtain Information

Remedy:

Apply the security-tmp-dir.diff fix for this vulnerability, available from the OpenOffice.org Issue 33357 Web page. See References.

For Red Hat Linux:
Upgrade to the latest openoffice.org package, as listed below. Refer to RHSA-2004:446-08 for more information. See References.

Red Hat Enterprise Linux AS (v. 3), ES (v. 3), WS (v. 3), Desktop: 1.1.0-16.14.EL or later

For Mandrake Linux:
Upgrade to the latest OpenOffice.org package, as listed below. Refer to MandrakeSoft Security Advisory MDKSA-2004:103 : OpenOffice.org for more information. See References.

Mandrake Linux 10.0: 1.1.2-8.100mdk or later

For Gentoo Linux:
Upgrade to the latest version of openoffice, as listed in GLSA 200410-17. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

Full-Disclosure Mailing List, Mon Sep 13 2004 - 02:37:34 CDT: Secunia Research: StarOffice / OpenOffice Insecure Temporary File Creation.
OpenOffice.org Issue 33357: Issue 33357 .
OpenOffice.org Web site: OpenOffice.org.
BID-11151: OpenOffice/StarOffice Local File Disclosure Vulnerability
CVE-2004-0752: OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users.
GLSA-200410-17: OpenOffice.org: Temporary files disclosure
MDKSA-2004:103: Updated OpenOffice.org packages fix temporary file vulnerabilities
OSVDB ID: 9804: OpenOffice/StarOffice Installation Temporary File Information Disclosure
RHSA-2004-446: openoffice.org security update
SA12302: OpenOffice / StarOffice Insecure Temporary File Creation
SECTRACK ID: 1011205: OpenOffice World-Readable Temporary Files Disclose Files to Local Users

Platforms Affected:

Gentoo Linux
MandrakeSoft Mandrake Linux 10.0
MandrakeSoft Mandrake Linux 10.0 AMD64
OpenOffice OpenOffice.org 1.1.2
RedHat Enterprise Linux 3 AS
RedHat Enterprise Linux 3 ES
RedHat Enterprise Linux 3 WS
RedHat Enterprise Linux 3 Desktop
Sun StarOffice 7.0

Reported:

Sep 10, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page