Red Hat OpenShift Origin CVE-2013-0164 Insecure Temporary File Creation Vulnerability
BID:58169
Info
Red Hat OpenShift Origin CVE-2013-0164 Insecure Temporary File Creation Vulnerability
| Bugtraq ID: | 58169 |
| Class: | Design Error |
| CVE: |
CVE-2013-0164 |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 09 2013 12:00AM |
| Updated: | Jan 09 2013 12:00AM |
| Credit: | Michael Scherer |
| Vulnerable: |
Redhat OpenShift Enterprise 0 |
| Not Vulnerable: |
Redhat OpenShift Enterprise 1.1 |
Discussion
Red Hat OpenShift Origin CVE-2013-0164 Insecure Temporary File Creation Vulnerability
Red Hat OpenShift Origin is prone to an insecure-temporary-file-creation vulnerability because it creates temporary files in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Other attacks may also be possible.
Red Hat OpenShift Origin is prone to an insecure-temporary-file-creation vulnerability because it creates temporary files in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Other attacks may also be possible.
Exploit / POC
Red Hat OpenShift Origin CVE-2013-0164 Insecure Temporary File Creation Vulnerability
An attacker can use readily available commands to exploit this issue.
An attacker can use readily available commands to exploit this issue.
References
Red Hat OpenShift Origin CVE-2013-0164 Insecure Temporary File Creation Vulnerability
References:
References: