Perl DBI::ProxyServer Unsafe Temporary Files May Let Local Users Gain Elevated Privileges

SecurityTracker Alert ID: 1013007
SecurityTracker URL: http://securitytracker.com/id?1013007
CVE Reference: CAN-2005-0077
Date: Jan 26 2005
Impact: Execution of arbitrary code via local system, User access via local system

Description: A vulnerability was reported in the Perl DBI library in the use of temporary files. A local user may be able to gain elevated privileges.

The 'DBI::ProxyServer' module in the Perl DBI library uses a process ID (PID) file in an unsafe manner. A local user can create a symbolic link (symlink) at the path of the PID file used by the library, pointing to a critical file on the system. Then, when a target user invokes an application that uses the module (such as 'dbiproxy'), the symlinked file may be created or overwritten with the privileges of the target user.

The flaws reside in 'dbiproxy.PL' and 'lib/DBI/ProxyServer.pm'.

Javier Fernandez-Sanguino Pena from the Debian Security Audit Project is credited with discovering this flaw.
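
The difference between a PID-file write that follows a pre-existing symlink and one that refuses it, shown as an added example that is not code from DBI, dbiproxy or this advisory. The function names, file names and scratch directory are constructed for illustration.

```perl
#!/usr/bin/perl
# Added example (not DBI or dbiproxy code): writing a PID file so that a
# symlink already present at the path cannot redirect the write.
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
use File::Temp qw(tempdir);

# Risky pattern: open() with '>' follows a symlink at $path and creates or
# truncates whatever it points to, with the caller's privileges.
sub write_pid_unsafe {
    my ($path) = @_;
    open(my $fh, '>', $path) or return 0;
    print {$fh} "$$\n";
    return close($fh);
}

# Hardened pattern: O_CREAT|O_EXCL fails if anything already exists at
# $path, and POSIX specifies that a symlink there is not followed.
sub write_pid_safe {
    my ($path) = @_;
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0644) or return 0;
    print {$fh} "$$\n";
    return close($fh);
}

# Constructed demonstration, confined to a private scratch directory.
my $dir    = tempdir(CLEANUP => 1);
my $target = "$dir/important.conf";   # stands in for a critical file
my $pid    = "$dir/proxy.pid";        # hypothetical PID file path

open(my $t, '>', $target) or die "setup: $!";
print {$t} "keep me\n";
close($t);
symlink($target, $pid) or die "symlink: $!";   # link planted in advance

my $ok = write_pid_safe($pid);
printf "safe write:   %s, target size %d\n",
    ($ok ? 'wrote' : 'refused'), -s $target;

$ok = write_pid_unsafe($pid);
printf "unsafe write: %s, target size %d\n",
    ($ok ? 'wrote' : 'refused'), -s $target;
```

Placing the PID file in a directory that only the service account can write to removes the opportunity to plant the link in the first place.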

Impact: A local user may be able to gain elevated privileges.
Solution: No solution was available at the time of this entry.
Cause: Access control error, State error
Underlying OS: Linux (Any), UNIX (Any)

Message History:
This archive entry has one or more follow-up message(s) listed below.

Source Message Contents

Date: Wed, 26 Jan 2005 03:32:38 -0500
Subject: [none]

CVE: CAN-2005-0077

Several vendors reported a vulnerability in the Perl DBI library. The library uses
temporary files in an unsafe manner. A local user may be able to gain elevated
privileges.

Javier Fernandez-Sanguino Pena from the Debian Security Audit Project is credited with
discovering this flaw.