Guilt Multiple Insecure Temporary File Creation Vulnerabilities

Bugtraq ID:	25941
Class:	Design Error
CVE:	CVE-2007-5207
Remote:	No
Local:	Yes
Published:	Oct 05 2007 12:00AM
Updated:	Oct 09 2007 02:18PM
Credit:	Romain Francoise is credited with the discovery of these vulnerabilities.
Vulnerable:	Guilt Guilt 0.27 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0
Not Vulnerable:

Guilt Multiple Insecure Temporary File Creation Vulnerabilities

Guilt is prone to multiple vulnerabilities because it creates temporary files in an insecure way.

Successfully mounting a symlink attack may allow the attacker to overwrite or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

Guilt 0.27 is vulnerable to these issues; other versions may also be affected.

Guilt Multiple Insecure Temporary File Creation Vulnerabilities

To exploit these issues, an attacker can use readily available commands.

Guilt Multiple Insecure Temporary File Creation Vulnerabilities

Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Guilt Multiple Insecure Temporary File Creation Vulnerabilities

References:

• Debian Bug report logs - #445308 (Debian)
  
• guilt(7) Manual Page (Josef "Jeff" Sipek)