Amarok 'MagnatuneBrowser::listDownloadComplete()' Insecure Temporary File Creation Vulnerability

Bugtraq ID:	30662
Class:	Design Error
CVE:	CVE-2008-3699
Remote:	No
Local:	Yes
Published:	Aug 12 2008 12:00AM
Updated:	Apr 13 2015 09:48PM
Credit:	Dwayne Litzenberger <[email protected]>
Vulnerable:	Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu Ubuntu Linux 7.10 lpia Ubuntu Ubuntu Linux 7.10 i386 Ubuntu Ubuntu Linux 7.10 amd64 Slackware Linux 12.1 Slackware Linux 12.0 Slackware Linux 11.0 Slackware Linux -current Pardus Linux 2008 0 Pardus Linux 2007 0 Mandriva Linux Mandrake 2008.1 x86_64 Mandriva Linux Mandrake 2008.1 Mandriva Linux Mandrake 2008.0 x86_64 Mandriva Linux Mandrake 2008.0 Gentoo Linux Amarok Amarok 1.4.9.1
Not Vulnerable:

Amarok 'MagnatuneBrowser::listDownloadComplete()' Insecure Temporary File Creation Vulnerability

Amarok reportedly creates temporary files in an insecure manner. Note that this has not yet been corroborated.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

Amarok 1.4.9.1 is affected; other versions may also be vulnerable.

Amarok 'MagnatuneBrowser::listDownloadComplete()' Insecure Temporary File Creation Vulnerability

An attacker uses readily available commands to exploit this issue.

Amarok 'MagnatuneBrowser::listDownloadComplete()' Insecure Temporary File Creation Vulnerability

Solution:
Fixes are available. Please see the references for more information.


Ubuntu Ubuntu Linux 7.10 i386

• Ubuntu amarok-engines_1.4.7-0ubuntu3.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/universe/a/amarok/amarok-engine s_1.4.7-0ubuntu3.1_i386.deb


• Ubuntu amarok-xine_1.4.7-0ubuntu3.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok-xine_1.4.7 -0ubuntu3.1_i386.deb


• Ubuntu amarok_1.4.7-0ubuntu3.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok_1.4.7-0ubu ntu3.1_i386.deb

Ubuntu Ubuntu Linux 7.10 powerpc

• Ubuntu amarok-engines_1.4.7-0ubuntu3.1_powerpc.deb
  http://security.ubuntu.com/ubuntu/pool/universe/a/amarok/amarok-engine s_1.4.7-0ubuntu3.1_powerpc.deb


• Ubuntu amarok-xine_1.4.7-0ubuntu3.1_powerpc.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok-xine_1.4.7 -0ubuntu3.1_powerpc.deb


• Ubuntu amarok_1.4.7-0ubuntu3.1_powerpc.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok_1.4.7-0ubu ntu3.1_powerpc.deb

Slackware Linux 12.0

• Slackware amarok-1.4.10-i486-1_slack12.0.tgz
  ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/ amarok-1.4.10-i486-1_slack12.0.tgz


• Slackware amarok-1.4.10-i486-1_slack12.0.tgz
  ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/ amarok-1.4.10-i486-1_slack12.0.tgz


• Slackware libgpod-0.6.0-i486-1_slack12.0.tgz
  ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/ libgpod-0.6.0-i486-1_slack12.0.tgz

Slackware Linux -current

• Slackware amarok-1.4.10-i486-1.tgz
  ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/ amarok-1.4.10-i486-1.tgz

Ubuntu Ubuntu Linux 8.04 LTS powerpc

• Ubuntu amarok-engines_1.4.9.1-0ubuntu3.1_powerpc.deb
  http://ports.ubuntu.com/pool/universe/a/amarok/amarok-engines_1.4.9.1- 0ubuntu3.1_powerpc.deb


• Ubuntu amarok-xine_1.4.9.1-0ubuntu3.1_powerpc.deb
  http://ports.ubuntu.com/pool/main/a/amarok/amarok-xine_1.4.9.1-0ubuntu 3.1_powerpc.deb


• Ubuntu amarok_1.4.9.1-0ubuntu3.1_powerpc.deb
  http://ports.ubuntu.com/pool/main/a/amarok/amarok_1.4.9.1-0ubuntu3.1_p owerpc.deb

Ubuntu Ubuntu Linux 8.04 LTS sparc

• Ubuntu amarok-engines_1.4.9.1-0ubuntu3.1_sparc.deb
  http://ports.ubuntu.com/pool/universe/a/amarok/amarok-engines_1.4.9.1- 0ubuntu3.1_sparc.deb


• Ubuntu amarok-xine_1.4.9.1-0ubuntu3.1_sparc.deb
  http://ports.ubuntu.com/pool/main/a/amarok/amarok-xine_1.4.9.1-0ubuntu 3.1_sparc.deb


• Ubuntu amarok_1.4.9.1-0ubuntu3.1_sparc.deb
  http://ports.ubuntu.com/pool/main/a/amarok/amarok_1.4.9.1-0ubuntu3.1_s parc.deb

Ubuntu Ubuntu Linux 7.10 amd64

• Ubuntu amarok-engines_1.4.7-0ubuntu3.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/universe/a/amarok/amarok-engine s_1.4.7-0ubuntu3.1_amd64.deb


• Ubuntu amarok-xine_1.4.7-0ubuntu3.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok-xine_1.4.7 -0ubuntu3.1_amd64.deb


• Ubuntu amarok_1.4.7-0ubuntu3.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok_1.4.7-0ubu ntu3.1_amd64.deb

Ubuntu Ubuntu Linux 8.04 LTS i386

• Ubuntu amarok-engines_1.4.9.1-0ubuntu3.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/universe/a/amarok/amarok-engine s_1.4.9.1-0ubuntu3.1_i386.deb


• Ubuntu amarok-xine_1.4.9.1-0ubuntu3.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok-xine_1.4.9 .1-0ubuntu3.1_i386.deb


• Ubuntu amarok_1.4.9.1-0ubuntu3.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok_1.4.9.1-0u buntu3.1_i386.deb

Ubuntu Ubuntu Linux 8.04 LTS amd64

• Ubuntu amarok-engines_1.4.9.1-0ubuntu3.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/universe/a/amarok/amarok-engine s_1.4.9.1-0ubuntu3.1_amd64.deb


• Ubuntu amarok-xine_1.4.9.1-0ubuntu3.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok-xine_1.4.9 .1-0ubuntu3.1_amd64.deb


• Ubuntu amarok_1.4.9.1-0ubuntu3.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok_1.4.9.1-0u buntu3.1_amd64.deb

Ubuntu Ubuntu Linux 7.10 sparc

• Ubuntu amarok-engines_1.4.7-0ubuntu3.1_sparc.deb
  http://security.ubuntu.com/ubuntu/pool/universe/a/amarok/amarok-engine s_1.4.7-0ubuntu3.1_sparc.deb


• Ubuntu amarok-xine_1.4.7-0ubuntu3.1_sparc.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok-xine_1.4.7 -0ubuntu3.1_sparc.deb


• Ubuntu amarok_1.4.7-0ubuntu3.1_sparc.deb
  http://security.ubuntu.com/ubuntu/pool/main/a/amarok/amarok_1.4.7-0ubu ntu3.1_sparc.deb

Slackware Linux 11.0

• Slackware libgpod-0.6.0-i486-1_slack11.0.tgz
  ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/ libgpod-0.6.0-i486-1_slack11.0.tgz

Ubuntu Ubuntu Linux 8.04 LTS lpia

• Ubuntu amarok-engines_1.4.9.1-0ubuntu3.1_lpia.deb
  http://ports.ubuntu.com/pool/universe/a/amarok/amarok-engines_1.4.9.1- 0ubuntu3.1_lpia.deb


• Ubuntu amarok-xine_1.4.9.1-0ubuntu3.1_lpia.deb
  http://ports.ubuntu.com/pool/main/a/amarok/amarok-xine_1.4.9.1-0ubuntu 3.1_lpia.deb


• Ubuntu amarok_1.4.9.1-0ubuntu3.1_lpia.deb
  http://ports.ubuntu.com/pool/main/a/amarok/amarok_1.4.9.1-0ubuntu3.1_l pia.deb

Ubuntu Ubuntu Linux 7.10 lpia

• Ubuntu amarok-engines_1.4.7-0ubuntu3.1_lpia.deb
  http://ports.ubuntu.com/pool/universe/a/amarok/amarok-engines_1.4.7-0u buntu3.1_lpia.deb


• Ubuntu amarok-xine_1.4.7-0ubuntu3.1_lpia.deb
  http://ports.ubuntu.com/pool/main/a/amarok/amarok-xine_1.4.7-0ubuntu3. 1_lpia.deb


• Ubuntu amarok_1.4.7-0ubuntu3.1_lpia.deb
  http://ports.ubuntu.com/pool/main/a/amarok/amarok_1.4.7-0ubuntu3.1_lpi a.deb

Amarok 'MagnatuneBrowser::listDownloadComplete()' Insecure Temporary File Creation Vulnerability

References:

• Debian Bug report logs - #494765 amarok: Possible insecure temporary file creati (Debian)
  
• Vendor Homepage (Amarok)