BID:9816

GNU Automake Insecure Temporary Directory Creation Symbolic Link Vulnerability

Info

GNU Automake Insecure Temporary Directory Creation Symbolic Link Vulnerability

Bugtraq ID:	9816
Class:	Design Error
CVE:
Remote:	No
Local:	Yes
Published:	Mar 08 2004 12:00AM
Updated:	Mar 08 2004 12:00AM
Credit:	Discovery is credited to Stefan Nordhausen <[email protected]>.
Vulnerable:	GNU Automake 1.8.2 GNU Automake 1.8.1 GNU Automake 1.7.9 GNU Automake 1.7.8 GNU Automake 1.7.7 GNU Automake 1.7.6 GNU Automake 1.7.5 GNU Automake 1.7.4 GNU Automake 1.7.3 GNU Automake 1.7.2 GNU Automake 1.7.1 GNU Automake 1.7

Not Vulnerable:	GNU Automake 1.8.3

Discussion

GNU Automake Insecure Temporary Directory Creation Symbolic Link Vulnerability

It has been reported that GNU Automake may be prone to a symbolic link vulnerability that may allow an attacker to modify data or gain elevated privileges on a vulnerable system. This issue results due to insecure creation of directories during compilation. The attacker may potentially create symbolic links in the place of files contained in the affected directories, which may potentially lead to elevated privileges due to modification of data.

GNU Automake versions prior to 1.8.3 are reported to be affected by this vulnerability.

Exploit / POC

GNU Automake Insecure Temporary Directory Creation Symbolic Link Vulnerability

No exploit is required.

Solution / Fix

GNU Automake Insecure Temporary Directory Creation Symbolic Link Vulnerability

Solution:
Gentoo has released an advisory that includes updates for this issue. Updates may be applied with the following commands:
# emerge sync
# emerge -pv ">=sys-devel/automake-1.8.3"
# emerge ">=sys-devel/automake-1.8.3"

Netwosix has released advisory LNSA-#2004-0009 to provide updates for this issue. Please see the referenced advisory for more details on obtaining and applying updates.

The vendor has released GNU automake 1.8.3 to address this issue:

GNU Automake 1.7