Bug#318285: CAN-2005-2240 symlink attack in xpvm.tcl

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#318285: CAN-2005-2240 symlink attack in xpvm.tcl
From: Joey Hess <joeyh@debian.org>
Date: Thu, 14 Jul 2005 17:27:33 +0300
Message-id: <[🔎] 20050714142733.GA26234@kitenet.net>
Reply-to: Joey Hess <joeyh@debian.org>, 318285@bugs.debian.org

Package: xpvm
Severity: serious
Tags: security

According to http://secunia.com/advisories/16040:

  Eric Romang has reported a vulnerability in xpvm, which can be exploited by
  malicious, local users to perform certain actions on a vulnerable system with
  escalated privileges.

  The vulnerability is caused due to the temporary file "/tmp/xpvm.trace.$user"
  being created insecurely by "src/xpvm.tcl". This can be exploited via symlink
  attacks to create or overwrite arbitrary files with the privileges of the user
  running the affected application.

This is CAN-2005-2240.

-- 
see shy jo

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Bug#318285: CAN-2005-2240 symlink attack in xpvm.tcl
  - From: Frank Lichtenheld <djpig@debian.org>

Prev by Date: Bug#318278: [l10n] Initial Czech translation of mifluz debconf messagesd
Next by Date: Let your computer be the PRO!
Previous by thread: Bug#318278: marked as done ([l10n] Initial Czech translation of mifluz debconf messagesd)
Next by thread: Bug#318285: CAN-2005-2240 symlink attack in xpvm.tcl
Index(es):
- Date
- Thread