Gentoo Archives: gentoo-announce

From: Sune Kloppenborg Jeppesen <jaervosz@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200506-13 ] webapp-config: Insecure temporary file handling
Date: Fri, 17 Jun 2005 14:20:49
Message-Id: 200506171555.24011.jaervosz@gentoo.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200506-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: webapp-config: Insecure temporary file handling
Date: June 17, 2005
Bugs: #91785, #88831
ID: 200506-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

The webapp-config utility insecurely creates temporary files in a world
writable directory, potentially allowing the execution of arbitrary
commands.

Background
==========

webapp-config is a Gentoo Linux utility to help manage the installation
of web-based applications.

Affected packages
=================

    -------------------------------------------------------------------
     Package               /  Vulnerable  /                  Unaffected
    -------------------------------------------------------------------
  1  net-www/webapp-config      < 1.11                        >= 1.11

Description
===========

Eric Romang discovered webapp-config uses a predictable temporary
filename while processing certain options, resulting in a race
condition.

Impact
======

Successful exploitation of the race condition would allow an attacker
to disrupt the operation of webapp-config, or execute arbitrary shell
commands with the privileges of the user running webapp-config. A local
attacker could use a symlink attack to create or overwrite files with
the permissions of the user running webapp-config.
51
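The pattern the Description and Impact sections describe, shown beside its hardened forms, as an added example that is not webapp-config's own code (this advisory does not show it). The scratch directory, the predictable filename and the "victim" file are constructed stand-ins; the demo reproduces the failure mode only inside a private directory it creates and removes itself.

```python
import errno
import os
import shutil
import tempfile

PREDICTABLE_NAME = "webapp-config.1234"  # constructed stand-in for a guessable name

def open_tempfile_insecure(directory, name):
    # Vulnerable pattern: guessable name in a shared directory, opened with a
    # plain truncating open() that happily follows a symlink already there.
    return open(os.path.join(directory, name), "w")

def open_fixed_path_secure(path):
    # Hardened variant when the name must stay fixed: create-only, never reuse
    # an existing entry, never follow a symlink, private 0600 mode.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    return os.open(path, flags, 0o600)

def create_tempfile_secure(directory):
    # Preferred fix: mkstemp() chooses an unpredictable name and opens it with
    # O_CREAT|O_EXCL, mode 0600, so a pre-planted entry cannot be hijacked.
    return tempfile.mkstemp(prefix="webapp-config.", dir=directory)

def run_demo():
    # Reproduce the failure mode in a private scratch directory: a symlink
    # already sits at the predictable path by the time the tool opens it.
    workdir = tempfile.mkdtemp()
    try:
        victim = os.path.join(workdir, "victim")
        with open(victim, "w") as f:
            f.write("original")
        link = os.path.join(workdir, PREDICTABLE_NAME)
        os.symlink(victim, link)
        # Insecure open follows the link: the write lands in 'victim'.
        with open_tempfile_insecure(workdir, PREDICTABLE_NAME) as f:
            f.write("clobbered")
        with open(victim) as f:
            insecure_result = f.read()
        # O_EXCL (with O_NOFOLLOW) refuses the pre-existing link outright.
        try:
            os.close(open_fixed_path_secure(link))
            secure_refused = False
        except OSError as e:
            secure_refused = e.errno in (errno.EEXIST, errno.ELOOP)
        fd, path = create_tempfile_secure(workdir)
        os.close(fd)
        return {"insecure_result": insecure_result, "secure_refused": secure_refused,
                "mkstemp_mode": os.stat(path).st_mode & 0o777}
    finally:
        shutil.rmtree(workdir)
```

Running run_demo() shows the insecure open overwriting the victim file while both hardened forms leave it untouched; the same O_EXCL/O_NOFOLLOW check is what a reviewer should look for when auditing any tool that writes into a world-writable directory.
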
Workaround
==========

There is no known workaround at this time.

Resolution
==========

All webapp-config users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-www/webapp-config-1.11"

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200506-13.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@g.o or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0