106185 – app-admin/gwcc: Insecure Temporary File Creation

Bug 106185 - app-admin/gwcc: Insecure Temporary File Creation

Summary: app-admin/gwcc: Insecure Temporary File Creation

Status:	RESOLVED DUPLICATE of bug 104566

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://secunia.com/advisories/16833/
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2005-09-16 06:17 UTC by Jean-François Brunette (RETIRED)
Modified:	2005-09-16 06:56 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jean-François Brunette (RETIRED) gentoo-dev

2005-09-16 06:17:57 UTC

Description:
D1g1t4lLeech has reported a vulnerability in GWCC, which can be exploited by
malicious, local users to perform certain actions on a vulnerable system with
escalated privileges.

The vulnerability is caused due to the temporary file "gwcc_out.txt" being
created insecurely in "/tmp" by "perform_file_save()" when printing. This can be
exploited via symlink attacks to create or overwrite arbitrary files with the
privileges of the user running the affected application.

The vulnerability has been reported in version 0.9.8. Other versions may also be
affected.

Comment 1 Jean-François Brunette (RETIRED) gentoo-dev

2005-09-16 06:25:24 UTC

Version 0.9.8 is old: "JAN 21, 2002"

Comment 2 Romang 2005-09-16 06:38:45 UTC

Hello,

http://bugs.gentoo.org/show_bug.cgi?id=104566

Discovered by Gentoo security Scout the 2005-09-13

A true Leech

Regards.

Comment 3 Jean-François Brunette (RETIRED) gentoo-dev

2005-09-16 06:56:50 UTC


*** This bug has been marked as a duplicate of 104566 ***