WAFP Insecure Temporary File Creation Vulnerability
BID:39760
Info
| Bugtraq ID: | 39760 |
| Class: | Design Error |
| CVE: | CVE-2010-1438 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 28 2010 12:00AM |
| Updated: | Apr 28 2010 12:00AM |
| Credit: | Henri Salo |
| Vulnerable: | WAFP WAFP 0.01-26c3 |
| Not Vulnerable: | |
Discussion
WAFP (Web Application Finger Printer) creates temporary files in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.
Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.
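The general pattern behind this class of issue, next to a hardened form, as an added Ruby example (it is not WAFP's code and not part of the original advisory). Ruby is used because WAFP is a Ruby tool; the file names, the `wafp-example-` prefix and the sandbox layout are constructed for illustration.

```ruby
require "tmpdir"

# Vulnerable pattern: a fixed, guessable name in a shared directory. Mode "w"
# opens with O_CREAT|O_TRUNC and follows whatever already exists at `path`.
def insecure_write(path, data)
  File.open(path, "w") { |f| f.write(data) }
end

# Hardened pattern: O_EXCL fails if anything (file or symlink) already exists
# at `path`, O_NOFOLLOW refuses a symlink in the final path component, and
# mode 0600 keeps other local users from reading the contents.
def exclusive_write(path, data)
  flags = File::WRONLY | File::CREAT | File::EXCL | File::NOFOLLOW
  File.open(path, flags, 0o600) { |f| f.write(data) }
  :written
rescue Errno::EEXIST, Errno::ELOOP
  :refused
end

# Preferred pattern: a private (0700) directory with an unpredictable name,
# removed automatically when the block returns.
def with_private_workdir
  Dir.mktmpdir("wafp-example-") { |dir| yield dir }
end

# Constructed demonstration, confined to a throwaway sandbox directory.
def demo
  with_private_workdir do |sandbox|
    target  = File.join(sandbox, "important.conf") # stands in for a sensitive file
    scratch = File.join(sandbox, "scan.tmp")       # stands in for the guessable temp name
    File.write(target, "original")
    File.symlink(target, scratch)                  # link already present before the write

    hardened       = exclusive_write(scratch, "scan data")
    after_hardened = File.read(target)
    insecure_write(scratch, "scan data")
    after_insecure = File.read(target)

    { hardened: hardened, after_hardened: after_hardened,
      after_insecure: after_insecure, dir_mode: File.stat(sandbox).mode & 0o777 }
  end
end

p demo if __FILE__ == $PROGRAM_NAME
```

The exclusive open leaves the linked file untouched, while the plain `"w"` open truncates and overwrites it; keeping scratch files inside a `Dir.mktmpdir` directory removes the shared, guessable path altogether.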
Exploit / POC
An attacker uses readily available commands to exploit this issue.
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- Issue 8 - webapplicationfingerprinter - Insecure temporary directory (Henri Salo)
- WAFP Homepage (WAFP)
- wafp insecure temporary directory (Henri Salo)