gource Insecure Temporary File Creation Vulnerability
BID:39529
CVE-2010-2449 |Info
gource Insecure Temporary File Creation Vulnerability
| Bugtraq ID: | 39529 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 16 2010 12:00AM |
| Updated: | Apr 20 2010 05:03PM |
| Credit: | Sven Joachim |
| Vulnerable: |
Red Hat Fedora 13 Red Hat Fedora 12 Andrew Caudwell gource 0.26-1 |
| Not Vulnerable: |
Andrew Caudwell gource 0.26b |
Discussion
gource Insecure Temporary File Creation Vulnerability
gource creates temporary files in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.
Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.
Versions prior to gource 0.26b are affected.
gource creates temporary files in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.
Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.
Versions prior to gource 0.26b are affected.
Exploit / POC
gource Insecure Temporary File Creation Vulnerability
An attacker uses readily available commands to exploit this issue.
An attacker uses readily available commands to exploit this issue.
Solution / Fix
gource Insecure Temporary File Creation Vulnerability
Solution:
Updates are available. Please see the references for details.
Solution:
Updates are available. Please see the references for details.
References
gource Insecure Temporary File Creation Vulnerability
References:
References:
- Debian Bug report logs - #577958 (Debian)
- gource - Homepage (Andrew Caudwell)