lintian symlink attack
| lintian-symlink (18808) |  Medium Risk |
Description:
lintian creates temporary files and directories insecurely. A local attacker could use this vulnerability to create symbolic links to overwrite arbitrary files and directories on the system with user privileges.
Platforms Affected:
- Debian, Debian Linux 3.0
- Debian, lintian 1.23
Remedy:
For Debian GNU/Linux 3.0 (woody):
Upgrade to the latest package of lintian (1.20.17.1 or later), as listed in Debian Security Advisory DSA-630-1. See References.
For other distributions:
Contact your vendor for upgrade or patch information.
Consequences:
File Manipulation
References:
- Debian Bug report logs - #286681, [CAN-2004-1000] [lib/Lab] Insecurely removes files after lab failed to be created at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286681.
- BID-12202: Debian Liantian Insecure Temporary File Vulnerability
- CVE-2004-1000: lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.
- DSA-630: lintian -- insecure temporary directory
- SA13771: Debian lintian Insecure Temporary File Deletion Security Issue
Reported:
Jan 10, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net