Gambas Insecure Temporary Directory Creation Vulnerability
BID:58192
Info
Gambas Insecure Temporary Directory Creation Vulnerability
| Bugtraq ID: | 58192 |
| Class: | Design Error |
| CVE: |
CVE-2013-1809 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 27 2013 12:00AM |
| Updated: | Mar 04 2013 11:44AM |
| Credit: | Larry W. Cashdollar |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Gambas Insecure Temporary Directory Creation Vulnerability
Gambas is prone to a security vulnerability because it creates temporary directories in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks with root privileges. Other attacks may also be possible.
Versions prior to Gambas 3.3.5 are vulnerable.
Gambas is prone to a security vulnerability because it creates temporary directories in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks with root privileges. Other attacks may also be possible.
Versions prior to Gambas 3.3.5 are vulnerable.
Exploit / POC
Gambas Insecure Temporary Directory Creation Vulnerability
An attacker can use readily available commands to exploit this issue.
An attacker can use readily available commands to exploit this issue.
Solution / Fix
Gambas Insecure Temporary Directory Creation Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Gambas Insecure Temporary Directory Creation Vulnerability
References:
References:
- Gambas Homepage (Benoît Minisini)
- BUG: Ensure that the interpreter temporary directory is owned by the current use (Benoît Minisini)
- Issue 365: Gambas creates hijackable directory in /tmp ( lcash)
- NEW: Check at startup that temporary directories are really directories and not (Benoît Minisini)