Gentoo Archives: gentoo-announce

From: Thierry Carrez <koon@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200504-20 ] openMosixview: Insecure temporary file creation
Date: Thu, 21 Apr 2005 13:28:04
Message-Id: 4267AA63.7030403@gentoo.org
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 200504-20
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: openMosixview: Insecure temporary file creation
9 Date: April 21, 2005
10 Bugs: #86686
11 ID: 200504-20
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 openMosixview and the openMosixcollector daemon are vulnerable to
19 symlink attacks, potentially allowing a local user to overwrite
20 arbitrary files.
21
22 Background
23 ==========
24
25 The openMosixview package contains several tools used to manage
26 openMosix clusters, including openMosixview (the main monitoring and
27 administration application) and openMosixcollector (a daemon collecting
28 cluster and node information).
29
30 Affected packages
31 =================
32
33 -------------------------------------------------------------------
34 Package / Vulnerable / Unaffected
35 -------------------------------------------------------------------
36 1 sys-cluster/openmosixview < 1.5-r1 >= 1.5-r1
37
38 Description
39 ===========
40
41 Gangstuck and Psirac from Rexotec discovered that openMosixview
42 insecurely creates several temporary files with predictable filenames.
43
44 Impact
45 ======
46
47 A local attacker could create symbolic links in the temporary files
48 directory, pointing to a valid file somewhere on the filesystem. When
49 openMosixView or the openMosixcollector daemon runs, this would result
50 in the file being overwritten with the rights of the user running the
51 utility, which could be the root user.
52
53 Workaround
54 ==========
55
56 There is no known workaround at this time.
57
58 Resolution
59 ==========
60
61 All openMosixview users should upgrade to the latest version:
62
63 # emerge --sync
64 # emerge --ask --oneshot --verbose ">=sys-cluster/openmosixview-1.5-r1"
65
66 References
67 ==========
68
69 [ 1 ] CAN-2005-0894
70 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0894
71
72 Availability
73 ============
74
75 This GLSA and any updates to it are available for viewing at
76 the Gentoo Security Website:
77
78 http://security.gentoo.org/glsa/glsa-200504-20.xml
79
80 Concerns?
81 =========
82
83 Security is a primary focus of Gentoo Linux and ensuring the
84 confidentiality and security of our users machines is of utmost
85 importance to us. Any security concerns should be addressed to
86 security@g.o or alternatively, you may file a bug at
87 http://bugs.gentoo.org.
88
89 License
90 =======
91
92 Copyright 2005 Gentoo Foundation, Inc; referenced text
93 belongs to its owner(s).
94
95 The contents of this document are licensed under the
96 Creative Commons - Attribution / Share Alike license.
97
98 http://creativecommons.org/licenses/by-sa/2.0

Attachments

File name MIME type
signature.asc application/pgp-signature