Sysstat Insecure Temporary File Creation Vulnerability
BID:25380
Info
| Bugtraq ID: | 25380 |
| Class: | Race Condition Error |
| CVE: | CVE-2007-3852 |
| Remote: | No |
| Local: | Yes |
| Published: | Aug 21 2007 12:00AM |
| Updated: | Apr 03 2013 04:47PM |
| Credit: | Julien L is credited with the discovery of this vulnerability. |
| Vulnerable: | Sysstat Sysstat 7.1.6; Red Hat Enterprise Linux Desktop 5 client; Red Hat Enterprise Linux 5 Server; Gentoo Linux; Avaya Voice Portal 5.1.1; Avaya Voice Portal 5.1 SP1; Avaya Voice Portal 5.1; Avaya Voice Portal 5.0 SP2; Avaya Voice Portal 5.0 SP1; Avaya Voice Portal 5.0; Avaya Proactive Contact 5.0; Avaya IQ 5.2; Avaya IQ 5.1.1; Avaya IQ 5.1; Avaya IQ 5; Avaya Communication Server 1000M Signaling Server 7.5; Avaya Communication Server 1000M Signaling Server 7.0; Avaya Communication Server 1000M Signaling Server 6.0; Avaya Communication Server 1000M 7.5; Avaya Communication Server 1000M 7.0; Avaya Communication Server 1000M 6.0; Avaya Communication Server 1000E Signaling Server 7.5; Avaya Communication Server 1000E Signaling Server 7.0; Avaya Communication Server 1000E Signaling Server 6.0; Avaya Communication Server 1000E 7.5; Avaya Communication Server 1000E 7.0; Avaya Communication Server 1000E 6.0; Avaya Aura System Platform 6.0.2; Avaya Aura System Platform 6.0.1; Avaya Aura System Platform 6.0 SP3; Avaya Aura System Platform 6.0 SP2; Avaya Aura System Platform 6.0; Avaya Aura System Platform 1.1; Avaya Aura Messaging 6.0.1; Avaya Aura Messaging 6.0; Avaya Aura Communication Manager 6.0.1; Avaya Aura Communication Manager 6.0; Avaya Aura Communication Manager 5.2; Avaya Aura Application Server 5300 SIP Core 2.0; Avaya Aura Application Enablement Services 5.2.1; Avaya Aura Application Enablement Services 6.1.1; Avaya Aura Application Enablement Services 6.1; Avaya Aura Application Enablement Services 5.2.3; Avaya Aura Application Enablement Services 5.2.2; Avaya Aura Application Enablement Services 5.2 |
| Not Vulnerable: | |
Discussion
Sysstat creates temporary files in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symlink attacks, overwriting arbitrary files in the context of applications using the affected library.
Successfully mounting a symlink attack may allow the attacker to overwrite or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.
Sysstat 7.1.6 is reported vulnerable; other versions may be affected as well.
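As an added illustration of this bug class (not sysstat's code and not taken from the advisory), the C sketch below contrasts a predictable-name temporary file opened without `O_EXCL` against an exclusive create. The scratch directory and the file names `app.tmp` and `sensitive` are constructed for the example; the advisory does not name the file sysstat creates.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak: predictable name, no O_EXCL. open() follows a symlink that is
 * already at `path` and truncates whatever the link points to. */
int open_tmp_weak(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}

/* Hardened: with O_CREAT|O_EXCL, open() fails with EEXIST if anything,
 * including a symlink, already exists at `path`; mode 0600 keeps it private. */
int open_tmp_excl(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

static long file_size(const char *p) {          /* size in bytes, -1 on error */
    struct stat st;
    return stat(p, &st) == 0 ? (long)st.st_size : -1;
}

static void write_file(const char *p, const char *s) {
    FILE *f = fopen(p, "w");
    if (f) { fputs(s, f); fclose(f); }
}

/* Constructed scenario in a private scratch directory: a symlink sits at the
 * predictable temp name and points at a "sensitive" file.
 * Bit 0 set: weak open clobbered the target. Bit 1 set: exclusive open
 * refused with EEXIST and left the target intact. Returns -1 on setup error. */
int symlink_demo(void) {
    char dir[] = "/tmp/tmpfile-demo.XXXXXX", victim[64], tmp[64];
    int fd, result = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/sensitive", dir);
    snprintf(tmp, sizeof tmp, "%s/app.tmp", dir);
    write_file(victim, "important data\n");             /* 15 bytes */
    if (symlink(victim, tmp) != 0) return -1;
    fd = open_tmp_weak(tmp);
    if (fd >= 0) close(fd);
    if (file_size(victim) == 0) result |= 1;
    write_file(victim, "important data\n");             /* restore target */
    fd = open_tmp_excl(tmp);
    if (fd < 0 && errno == EEXIST && file_size(victim) == 15) result |= 2;
    if (fd >= 0) close(fd);
    unlink(tmp); unlink(victim); rmdir(dir);
    return result;
}
int main(void) { printf("result=%d\n", symlink_demo()); return 0; }
```

Where the file name does not have to be fixed, `mkstemp(3)` provides the same exclusive create with an unpredictable name.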
Exploit / POC
Attackers create malicious symbolic links to exploit this issue.
Solution / Fix
Solution:
Updates are available. Please see the references for more information.
References
References:
- Bugzilla Bug 188808 (Sune Kloppenborg Jeppesen)
- Sysstat Homepage (Sysstat)
- ASA-2011-268 sysstat security, bug fix, and enhancement update (RHSA-2011-1005) (Avaya)