Kile Backup File Insecure File Permissions Vulnerability
BID:21200
Info
Kile Backup File Insecure File Permissions Vulnerability
| Bugtraq ID: | 21200 |
| Class: | Design Error |
| CVE: |
CVE-2006-6085 |
| Remote: | No |
| Local: | Yes |
| Published: | Nov 20 2006 12:00AM |
| Updated: | Jul 06 2016 02:40PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Kile Kile 1.8 |
| Not Vulnerable: | |
Discussion
Kile Backup File Insecure File Permissions Vulnerability
Kile is prone to an insecure-file-permissions vulnerability because of a design flaw in the affected application.
An attacker could exploit this issue to access sensitive information that may aid in other attacks.
Versions prior to 1.9.3 are vulnerable to this issue.
Kile is prone to an insecure-file-permissions vulnerability because of a design flaw in the affected application.
An attacker could exploit this issue to access sensitive information that may aid in other attacks.
Versions prior to 1.9.3 are vulnerable to this issue.
Exploit / POC
Kile Backup File Insecure File Permissions Vulnerability
An attacker can exploit this issue by using standard utilities to access the vulnerable file.
An attacker can exploit this issue by using standard utilities to access the vulnerable file.
Solution / Fix
Kile Backup File Insecure File Permissions Vulnerability
Solution:
The vendor has released version 1.9.3 to address this issue. Please see the references for more information.
Kile Kile 1.8
Solution:
The vendor has released version 1.9.3 to address this issue. Please see the references for more information.
Kile Kile 1.8
References
Kile Backup File Insecure File Permissions Vulnerability
References:
References:
- 1.9.3 Release Notes (Kile)
- Vendor Homepage (Kile)