Context Texutil Insecure Temporary Log File Vulnerability
BID:10042
Info
| Bugtraq ID: | 10042 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 05 2004 12:00AM |
| Updated: | Apr 05 2004 12:00AM |
| Credit: | Discovery is credited to Shaun Colley. |
| Vulnerable: | PRAGMA ADE ConTeXt |
| Not Vulnerable: | |
Discussion
The ConTeXt TeXUtil program creates log files in an insecure manner when invoked with the '--silent' command line option. This could allow a malicious local user to launch a symbolic link attack when such a file is created. This could cause attacker-specified files that are writeable by the user invoking the utility to be corrupted.
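The failure mode described above, next to two safer ways to create the log file, as an added example that is not TeXUtil's own code. The file name `texutil.log`, the scratch directory and all function names are assumptions made for illustration.

```python
import os
import shutil
import stat
import tempfile

NOFOLLOW = getattr(os, "O_NOFOLLOW", 0)  # not defined on every platform

def naive_open_log(path):
    """Vulnerable pattern: a plain open-for-write follows a symlink at `path`."""
    return open(path, "w")

def safe_open_log(path):
    """Create the log only if nothing is at `path`; never follow a symlink."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | NOFOLLOW
    fd = os.open(path, flags, 0o600)  # FileExistsError if a file or link exists
    return os.fdopen(fd, "w")

def private_log(directory=None):
    """Preferred: unpredictable name, created atomically with mode 0600."""
    fd, path = tempfile.mkstemp(prefix="texutil-", suffix=".log", dir=directory)
    return os.fdopen(fd, "w"), path

def demo():
    """Constructed scenario in a scratch directory; reports what each approach did."""
    workdir = tempfile.mkdtemp()
    try:
        victim = os.path.join(workdir, "victim.txt")  # stands in for a user-owned file
        log = os.path.join(workdir, "texutil.log")    # hypothetical predictable log name
        with open(victim, "w") as f:
            f.write("important data\n")
        os.symlink(victim, log)                       # link already present at the log path
        with naive_open_log(log) as f:
            f.write("log line\n")
        with open(victim) as f:
            clobbered = f.read() == "log line\n"      # write landed in the link target
        try:
            safe_open_log(log).close()
            refused = False
        except FileExistsError:
            refused = True                            # O_EXCL rejects the existing link
        handle, path = private_log(workdir)
        handle.close()
        mode = stat.S_IMODE(os.stat(path).st_mode)
        return clobbered, refused, mode
    finally:
        shutil.rmtree(workdir)

if __name__ == "__main__":
    print(demo())
```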
Exploit / POC
There is no exploit required.
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
References:
- TeXUtil Homepage (PRAGMA ADE)
- Texutil symlink vulnerability. (Shaun Colley)