Remstats Local Insecure Temporary File Creation Vulnerability
BID:12979
Info
Remstats Local Insecure Temporary File Creation Vulnerability
| Bugtraq ID: | 12979 |
| Class: | Design Error |
| CVE: |
CVE-2005-0387 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 04 2005 12:00AM |
| Updated: | Jul 12 2009 11:56AM |
| Credit: | Jens Steube is credited with the discovery of this issue. |
| Vulnerable: |
Remstats Network Analysis Utility 1.0.13 a Remstats Network Analysis Utility 1.0.12 a Remstats Network Analysis Utility 1.0.11 a Remstats Network Analysis Utility 1.0.10 a Remstats Network Analysis Utility 1.0.9 a Remstats Network Analysis Utility 1.0.8 a Remstats Network Analysis Utility 1.0.7 a Remstats Network Analysis Utility 1.0.6 a Remstats Network Analysis Utility 1.0.5 a Remstats Network Analysis Utility 1.0 a4 |
| Not Vulnerable: | |
Discussion
Remstats Local Insecure Temporary File Creation Vulnerability
A local insecure file creation vulnerability affects Remstats. This issue is due to a design error that causes a file to be insecurely opened or created and subsequently written to.
An attacker may leverage this issue to corrupt arbitrary files with the privileges of an unsuspecting user that activates the affected application.
A local insecure file creation vulnerability affects Remstats. This issue is due to a design error that causes a file to be insecurely opened or created and subsequently written to.
An attacker may leverage this issue to corrupt arbitrary files with the privileges of an unsuspecting user that activates the affected application.
Exploit / POC
Remstats Local Insecure Temporary File Creation Vulnerability
No exploit is required to leverage this issue.
No exploit is required to leverage this issue.
Solution / Fix
Remstats Local Insecure Temporary File Creation Vulnerability
Solution:
Debian Linux has released an advisory (DSA 704-1) dealing with this issue. Please see the referenced advisory for more information.
Remstats Network Analysis Utility 1.0 a4
Solution:
Debian Linux has released an advisory (DSA 704-1) dealing with this issue. Please see the referenced advisory for more information.
Remstats Network Analysis Utility 1.0 a4
-
Debian remstats-bintools_1.00a4-8woody1_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-binto ols_1.00a4-8woody1_alpha.deb -
Debian remstats-bintools_1.00a4-8woody1_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-binto ols_1.00a4-8woody1_arm.deb -
Debian remstats-bintools_1.00a4-8woody1_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-binto ols_1.00a4-8woody1_hppa.deb -
Debian remstats-bintools_1.00a4-8woody1_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-binto ols_1.00a4-8woody1_i386.deb -
Debian remstats-bintools_1.00a4-8woody1_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-binto ols_1.00a4-8woody1_ia64.deb -
Debian remstats-bintools_1.00a4-8woody1_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-binto ols_1.00a4-8woody1_m68k.deb -
Debian remstats-bintools_1.00a4-8woody1_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-binto ols_1.00a4-8woody1_mips.deb -
Debian remstats-bintools_1.00a4-8woody1_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-binto ols_1.00a4-8woody1_mipsel.deb -
Debian remstats-bintools_1.00a4-8woody1_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-binto ols_1.00a4-8woody1_powerpc.deb -
Debian remstats-bintools_1.00a4-8woody1_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-binto ols_1.00a4-8woody1_s390.deb -
Debian remstats-bintools_1.00a4-8woody1_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-binto ols_1.00a4-8woody1_sparc.deb -
Debian remstats-doc_1.00a4-8woody1_all.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-doc_1 .00a4-8woody1_all.deb -
Debian remstats-servers_1.00a4-8woody1_all.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats-serve rs_1.00a4-8woody1_all.deb -
Debian remstats_1.00a4-8woody1_all.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/r/remstats/remstats_1.00a 4-8woody1_all.deb
References
Remstats Local Insecure Temporary File Creation Vulnerability
References:
References:
- Remstats Home Page (Remstats)