LHA Insecure Temporary File Creation Vulnerability
BID:24336
Info
LHA Insecure Temporary File Creation Vulnerability
| Bugtraq ID: | 24336 |
| Class: | Race Condition Error |
| CVE: |
CVE-2007-2030 |
| Remote: | No |
| Local: | Yes |
| Published: | Jun 05 2007 12:00AM |
| Updated: | Jun 07 2007 05:40PM |
| Credit: | Lubomir Kundrak is credited with the discovery of this vulnerability. |
| Vulnerable: |
Redhat Fedora Core5 Mandriva Linux Mandrake 2007.1 x86_64 Mandriva Linux Mandrake 2007.1 Mandriva Linux Mandrake 2007.0 x86_64 Mandriva Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 LHA Lha 1.14i LHA Lha 1.14b |
| Not Vulnerable: | |
Discussion
LHA Insecure Temporary File Creation Vulnerability
The 'lha' program creates temporary files in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symlink attacks, overwriting arbitrary files in the context of the affected application.
Successfully mounting a symlink attack may allow the attacker to overwrite or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.
The 'lha' program creates temporary files in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symlink attacks, overwriting arbitrary files in the context of the affected application.
Successfully mounting a symlink attack may allow the attacker to overwrite or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.
Exploit / POC
LHA Insecure Temporary File Creation Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
LHA Insecure Temporary File Creation Vulnerability
Solution:
The vendor released an update to address this issue. Please see the references for more information.
Solution:
The vendor released an update to address this issue. Please see the references for more information.
References
LHA Insecure Temporary File Creation Vulnerability
References:
References:
- Bug 236585: CVE-2007-2030 /tmp race in lha (RedHat - Bugzilla)
- Vendor Homepage (LHA)