Lookup Symlink Bug Lets Local Users Overwrite Arbitrary Files
SecurityTracker Alert ID: 1017792
SecurityTracker URL: http://securitytracker.com/id?1017792
CVE Reference: CVE-2007-0237
Date: Mar 19 2007
Impact: Modification of system information, Modification of user information
Description: A vulnerability was reported in Lookup. A local user can overwrite arbitrary files on the target system.
A local user can create a symbolic link (symlink) at the path of a temporary file used by Lookup that points to a critical file on the system. Then, when Lookup is used with the ndeb-binary feature, the symlinked file may be overwritten.
Tatsuya Kinoshita discovered this vulnerability.
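
The failure mode described above, and the exclusive-creation pattern that prevents it, as an added example (not code from Lookup or from this advisory). The temporary file name and the "protected" file are hypothetical stand-ins created inside a scratch directory.

```python
import os
import tempfile

ORIGINAL, DATA = b"original contents\n", b"dictionary binary data\n"  # constructed samples

def write_predictable(path, data):
    """Insecure pattern: plain open() follows a symlink already present at path."""
    with open(path, "wb") as f:
        f.write(data)

def write_exclusive(path, data):
    """Hardened: O_CREAT|O_EXCL fails if anything, symlink included, exists at path."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(data)

def write_private(data):
    """Preferred: mkstemp chooses an unpredictable name and creates it exclusively."""
    fd, path = tempfile.mkstemp(prefix="lookup-example-")
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path

def read(path):
    with open(path, "rb") as f:
        return f.read()

def demo():
    """Run each pattern against a symlink that already sits at the temp path."""
    results = {}
    with tempfile.TemporaryDirectory() as scratch:
        protected = os.path.join(scratch, "protected.conf")   # stand-in for a critical file
        guessable = os.path.join(scratch, "ndeb-binary.tmp")  # hypothetical predictable name
        write_predictable(protected, ORIGINAL)
        os.symlink(protected, guessable)
        write_predictable(guessable, DATA)
        results["predictable_overwrote_target"] = read(protected) != ORIGINAL
        write_predictable(protected, ORIGINAL)  # restore before the second run
        try:
            write_exclusive(guessable, DATA)
            results["exclusive_refused"] = False
        except OSError:
            results["exclusive_refused"] = True
        results["target_intact_after_exclusive"] = read(protected) == ORIGINAL
        path = write_private(DATA)
        results["private_mode"] = oct(os.stat(path).st_mode & 0o777)
        os.unlink(path)
    return results
```
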
Impact: A local user can overwrite arbitrary files on the target system.
Solution: No solution was available at the time of this entry.
Vendor URL: lookup.sourceforge.net/
Cause: Access control error, State error
Underlying OS: Linux (Any), UNIX (Any)
Message History:
None.
Source Message Contents
Date: Sun, 18 Mar 2007 22:13:11 -0500
Subject: Lookup
CVE-2007-0237
Debian wrote:
Tatsuya Kinoshita discovered that Lookup, a search interface to
electronic dictionaries on emacsen, creates a temporary file in an
insecure fashion when the ndeb-binary feature is used, which allows a
local attacker to craft a symlink attack to overwrite arbitrary files.