Sysstat Insecure Temporary File Creation Vulnerability

BID:9838

Info

Bugtraq ID: 9838
Class: Design Error
CVE: CVE-2004-0107
Remote: No
Local: Yes
Published: Mar 10 2004 12:00AM
Updated: Jul 12 2009 03:06AM
Credit: This issue was announced in a Red Hat advisory.
Vulnerable:
    Sysstat Sysstat 5.0.1
    Sysstat Sysstat 4.1.7
    Sysstat Sysstat 4.1.6
    Sysstat Sysstat 4.1.5
    Sysstat Sysstat 4.1.4
    Sysstat Sysstat 4.1.3
    Sysstat Sysstat 4.1.2
    Sysstat Sysstat 4.1.1
    Sysstat Sysstat 4.0.7
        + Redhat Enterprise Linux AS 3
        + Redhat Enterprise Linux ES 3
        + Redhat Enterprise Linux WS 3
        + Redhat Linux 9.0 i386
    Sysstat Sysstat 4.0.3
    SGI ProPack 2.4
    SGI ProPack 2.3
    Redhat sysstat-4.0.7-3.i386.rpm
        + Redhat Linux 9.0 i386
Not Vulnerable: Sysstat Sysstat 5.0.2

Discussion

The Sysstat system monitoring utility is prone to an issue that may allow malicious local users to corrupt system files, most likely resulting in loss of data or a denial of service.

The source of this vulnerability is that the utility creates temporary files in an insecure manner, facilitating creation of malicious symbolic links in the /tmp directory.

Exploit / POC

There is no exploit required.

Solution / Fix

SGI has released an advisory (20040302-01-U) and fixes to address this issue. Please see the referenced advisory for further details on obtaining and applying fixes. Fixes are linked below.

Red Hat has released advisory RHSA-2004:093-01 to address this issue.

Red Hat also released advisory RHSA-2004:053-16 for their enterprise distributions. Please see the attached advisory for details on applying and obtaining fixes.

The vendor has released Sysstat 5.0.2 to address the issue.

Gentoo has released advisory GLSA 200404-04 and fixes for this issue. They advise that users upgrade by taking the following steps at the command line:

# emerge sync
# emerge -pv ">=app-admin/sysstat-5.0.2"
# emerge ">=app-admin/sysstat-5.0.2"

Please see the referenced Gentoo advisory for more information.

SUSE has released advisory SuSE-SA:2004:009 to address this and other issues. Please see the advisory for more information.

A Fedora Legacy advisory (FLSA:1372) is available that addresses this issue for Red Hat Linux 7.3 running on the i386 platform. Please see the referenced advisory for more information.


Redhat sysstat-4.0.7-3.i386.rpm

SGI ProPack 2.3

SGI ProPack 2.4

Sysstat Sysstat 4.0.7

Sysstat Sysstat 4.1.1

Sysstat Sysstat 4.1.2

Sysstat Sysstat 4.1.3

Sysstat Sysstat 4.1.4

Sysstat Sysstat 4.1.5

Sysstat Sysstat 4.1.6

Sysstat Sysstat 4.1.7

Sysstat Sysstat 5.0.1
