Bokken Insecure Temporary File Creation Privilege Escalation Vulnerability
BID:51057
Info
| Bugtraq ID: | 51057 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Dec 14 2011 12:00AM |
| Updated: | Dec 14 2011 12:00AM |
| Credit: | Paul Wise |
| Vulnerable: | Jean-Philippe Lang Bokken 1.5 |
| Not Vulnerable: | |
Discussion
Bokken is prone to a vulnerability because it creates temporary files in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks.
Successfully mounting a symlink attack may allow the attacker to overwrite sensitive files with elevated privileges.
Bokken 1.5 is vulnerable; other versions may also be affected.
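The weakness class described above, shown as an added example beside its hardened forms (this is not Bokken's code; the function names, the file name app.tmp and the sandbox layout are constructed for illustration). It runs entirely inside a private directory and shows that a plain open() on a predictable name writes through a pre-existing symlink, while O_EXCL creation and tempfile.mkstemp() do not.

```python
import os
import tempfile

def naive_write(path, data):
    """Insecure pattern: open() on a predictable name follows an existing symlink."""
    with open(path, "w") as fh:
        fh.write(data)

def exclusive_write(path, data):
    """Fixed name, hardened: O_CREAT|O_EXCL fails if anything, even a symlink, exists."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)

def private_write(data):
    """Preferred: mkstemp() picks an unpredictable name and creates it exclusively."""
    fd, path = tempfile.mkstemp(prefix="example-")
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path

def _read(path):
    with open(path) as fh:
        return fh.read()

def demo():
    """Exercise all three writers against a constructed symlink in a sandbox."""
    results = {}
    with tempfile.TemporaryDirectory() as sandbox:
        target = os.path.join(sandbox, "important.txt")   # stands in for a sensitive file
        predictable = os.path.join(sandbox, "app.tmp")    # stands in for a guessable temp name
        naive_write(target, "original")
        os.symlink(target, predictable)                   # link already in place before the write
        naive_write(predictable, "scratch")
        results["naive_followed_link"] = _read(target) == "scratch"
        naive_write(target, "original")                   # restore for the next check
        try:
            exclusive_write(predictable, "scratch")
            results["exclusive_refused"] = False
        except FileExistsError:
            results["exclusive_refused"] = True
        results["victim_intact"] = _read(target) == "original"
        path = private_write("scratch")
        results["private_group_other_bits"] = os.stat(path).st_mode & 0o077
        os.unlink(path)
    return results

if __name__ == "__main__":
    print(demo())
```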
Exploit / POC
An attacker can use readily available commands to exploit this issue.
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- Bokken Product Page (Jean-Philippe Lang)
- bokken: vulnerable to symlink attack, leading to arbitrary file overwrite (Debian)