BMV Viewer Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1012847
|
|
SecurityTracker URL: http://securitytracker.com/id?1012847
|
|
CVE Reference: CAN-2003-0014
(Links to External Site)
|
Date: Jan 12 2005
|
Impact: Modification of system information, Modification of user information, User access via local system
|
Version(s): 1.2
|
Description: A vulnerability was reported in the BMV viewer in the processing of temporary files. A local user may be able to gain elevated privileges.
Debian reported that BMV uses temporary files in an unsafe manner. A local user can create a symbolic link (symlink) from a critical
file on the system to a temporary file to be used by BMV. Then, when BMV is run, the symlinked file may be overwritten with the
privileges of the target user.
The flaw resides in 'gsinterf.c'.
Peter Samuelson is credited with discovering this flaw.
|
Impact: A local user may be able to obtain elevated privileges.
|
Solution: No upstream solution was available at the time of this entry.
|
Cause: Access control error, State error
|
Underlying OS: Linux (Any), UNIX (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Wed, 12 Jan 2005 00:31:25 -0500
Subject: [none]
|
CVE: CAN-2003-0014
Debian reported a vulnerability in the BMV viewer in the processing of temporary files.
A local user may be able to gain elevated privileges.
Peter Samuelson is credited with discovering this flaw.
|
|
