Logcheck Insecure Temporary Directory Vulnerability
BID:10162
Info
Logcheck Insecure Temporary Directory Vulnerability
| Bugtraq ID: | 10162 |
| Class: | Access Validation Error |
| CVE: |
CVE-2004-0404 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 17 2004 12:00AM |
| Updated: | Jul 12 2009 04:06AM |
| Credit: | Discovery is credited to Christian Jaeger. |
| Vulnerable: |
Psionic Logcheck 1.1.1 |
| Not Vulnerable: | |
Discussion
Logcheck Insecure Temporary Directory Vulnerability
Logcheck performs operations on temporary directories in the /var/tmp directory in an insecure manner.
This issue may only be exploited when the program removes said directories. The issue could be exploited by a local attacker to corrupt root owned files. This will most likely result in destruction of data and denial of service.
Logcheck performs operations on temporary directories in the /var/tmp directory in an insecure manner.
This issue may only be exploited when the program removes said directories. The issue could be exploited by a local attacker to corrupt root owned files. This will most likely result in destruction of data and denial of service.
Exploit / POC
Logcheck Insecure Temporary Directory Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
References
Logcheck Insecure Temporary Directory Vulnerability
References:
References: