| Summary: | app-forensics/rkhunter: audit wrt insecure temp file usage (CVE-2008-4982) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Christian Hoffmann (RETIRED) <hoffie> |
| Component: | Auditing | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED INVALID | | |
| Severity: | normal | CC: | dragonheart, forensics+obsolete |
| Priority: | High | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://bugs.debian.org/496375 | | |
| Whiteboard: | | | |
| Package list: | | Runtime testing required: | --- |
| Bug Depends on: | | | |
| Bug Blocks: | 194832, 235770 | | |

Description
Christian Hoffmann (RETIRED)
All in-tree versions (1.2.7-r1, 1.2.8, 1.2.9) only install scripts which either use mktemp properly or place temporary files in a pre-created directory which is owned by the super user. The user may change this path using the --tmpdir option in some cases, but even in that case rkhunter warns about it if the user tries to use /tmp.

Debian ships a newer version of this package, so we should be careful when bumping.

So:
Currently not affected
Might be affected in the future if new versions of rkhunter find their way into the tree.

BTW: Several scripts in the tarball look like they are vulnerable to temporary file issues, but we don't install those.
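
The two properties checked in the comment above (scripts go through mktemp rather than a fixed name under /tmp, and any temporary directory is owned by the super user and not writable by others) can be re-checked on a version bump with a heuristic like the following. This is an added example, not part of the bug report and not rkhunter or Gentoo code; the function names `flag_fixed_tmp` and `tmpdir_is_safe` and the sample scripts are constructed for illustration.

```shell
#!/bin/sh
# Added example: heuristic audit helpers (hypothetical names, not rkhunter code).

# Print file:line:text for each non-comment line that names a fixed path under
# /tmp or /var/tmp without using mktemp. Exit status 0 means something was flagged.
flag_fixed_tmp() {
    grep -Hn -E '(^|[^[:alnum:]_.])(/var)?/tmp/' "$@" 2>/dev/null |
        grep -v -E '^[^:]+:[0-9]+:[[:space:]]*#' |
        grep -v -w 'mktemp'
}

# Succeed only if DIR is a real directory (not a symlink), owned by OWNER
# (default uid 0), and not writable by group or others.
tmpdir_is_safe() {
    dir=$1 owner=${2:-0}
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    [ -n "$(find "$dir" -prune -user "$owner" ! -perm -020 ! -perm -002 2>/dev/null)" ]
}

# Constructed sample scripts; they are only scanned, never executed.
demo() {
    work=$(mktemp -d) || return 1
    printf '%s\n' '#!/bin/sh' 'OUT=/tmp/scan.$$' 'ps ax > "$OUT"' \
        > "$work/unsafe.sh"
    printf '%s\n' '#!/bin/sh' '# old: /tmp/scan.out' \
        'OUT=$(mktemp /tmp/scan.XXXXXX) || exit 1' 'ps ax > "$OUT"' \
        > "$work/safe.sh"

    echo "Lines using a fixed temp path:"
    flag_fixed_tmp "$work/unsafe.sh" "$work/safe.sh"

    # The demo checks against the current uid; a real audit would use the default 0.
    chmod 700 "$work"
    tmpdir_is_safe "$work" "$(id -u)" && echo "mode 700: accepted"
    chmod 777 "$work"
    tmpdir_is_safe "$work" "$(id -u)" || echo "mode 777: rejected"
    rm -rf "$work"
}
demo
```

The scan is line-based, so a script that builds the path in one line and writes to it in another is only flagged at the assignment; flagged lines still need manual review.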