periodic temp file symlink
| periodic-temp-file-symlink (6047) |  Medium Risk |
Description:
The periodic program in FreeBSD could allow a local attacker to launch a symlink attack. The periodic program uses insecure temporary file names in the /tmp directory. A local attacker could use this vulnerability to create a symbolic link in the /tmp directory to corrupt any file on the system. The periodic scripts are normally run with root privileges.
Platforms Affected:
- FreeBSD, FreeBSD 4.1
- FreeBSD, FreeBSD 4.1.1
Remedy:
For FreeBSD 4.1:
Upgrade to the latest version of FreeBSD (4.1.1-STABLE dated 2000-11-11 or later), as listed in FreeBSD Security Advisory FreeBSD-SA-01:12. See References.
— OR —
Apply the periodic patch, as listed in FreeBSD Security Advisory FreeBSD-SA-01:12. See References.
Consequences:
File Manipulation
References:
- CIAC Information Bulletin L-037, FreeBSD periodic Uses Insecure Temporary Files at http://www.ciac.org/ciac/bulletins/l-037.shtml.
- FreeBSD Security Advisory FreeBSD-SA-01:12, periodic uses insecure temporary files [REVISED] at http://archives.neohapsis.com/archives/freebsd/2001-01/0492.html.
- BID-2325: FreeBSD periodic /tmp File Race Condition Vulnerability
- CVE-2000-0890: periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.
- OSVDB ID: 1754: FreeBSD periodic /tmp File Race Condition
- US-CERT VU#626919: Race condition in periodic
Reported:
Jan 29, 2001
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net