Lookup Symlink Bug Lets Local Users Overwrite Arbitrary Files

SecurityTracker Alert ID: 1017792
SecurityTracker URL: http://securitytracker.com/id/1017792
CVE Reference: CVE-2007-0237
Date: Mar 19 2007
Impact: Modification of system information, Modification of user information

Description:
A vulnerability was reported in Lookup. A local user can overwrite arbitrary files on the target system.
A local user can create a symbolic link (symlink) at the path of a temporary file used by Lookup, pointing to a critical file on the system. Then, when Lookup is used with the ndeb-binary feature, the file the symlink points to may be overwritten.
Tatsuya Kinoshita discovered this vulnerability.
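
The failure mode described above, as an added example that is not code from Lookup or from this advisory (Lookup is Emacs Lisp; Python is used here so the behaviour can be run directly). It contrasts a write to a predictable temp path with exclusive creation and with `mkstemp`; the file names are constructed, since the advisory does not state the path Lookup uses.

```python
import os
import tempfile

def create_naive(path, data):
    """Predictable-name write: open() follows a symlink planted at `path`."""
    with open(path, "wb") as f:   # O_CREAT|O_TRUNC without O_EXCL
        f.write(data)

def create_exclusive(path, data):
    """Create the file only if nothing, not even a symlink, exists at `path`."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(data)

def create_unpredictable(directory, data):
    """Preferred: mkstemp picks a random name and opens it O_EXCL, mode 0600."""
    fd, path = tempfile.mkstemp(prefix="ndeb-", dir=directory)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path

def demo():
    """Run all three against a symlink planted in a private scratch directory."""
    with tempfile.TemporaryDirectory() as scratch:
        victim = os.path.join(scratch, "victim.conf")   # stands in for a critical file
        tmp_name = os.path.join(scratch, "lookup-tmp")  # hypothetical predictable name
        with open(victim, "wb") as f:
            f.write(b"original")
        os.symlink(victim, tmp_name)                    # link already in place
        results = {}
        try:
            create_exclusive(tmp_name, b"dictionary data")
            results["exclusive_blocked"] = False
        except FileExistsError:                         # EEXIST: link was not followed
            results["exclusive_blocked"] = True
        with open(victim, "rb") as f:
            results["victim_after_exclusive"] = f.read()
        safe_path = create_unpredictable(scratch, b"dictionary data")
        results["mkstemp_is_symlink"] = os.path.islink(safe_path)
        create_naive(tmp_name, b"dictionary data")      # follows the link
        with open(victim, "rb") as f:
            results["victim_after_naive"] = f.read()
        return results

if __name__ == "__main__":
    print(demo())
```

In Emacs Lisp the counterpart of `mkstemp` is `make-temp-file`, which creates the file itself rather than only returning a name.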

Impact:
A local user can overwrite arbitrary files on the target system.

Solution:
No solution was available at the time of this entry.

Vendor URL: lookup.sourceforge.net/
Cause: Access control error, State error
Underlying OS: Linux (Any), UNIX (Any)

Message History: None.

Source Message Contents

Date: Sun, 18 Mar 2007 22:13:11 -0500
Subject: Lookup
CVE-2007-0237
Debian wrote:
Tatsuya Kinoshita discovered that Lookup, a search interface to
electronic dictionaries on emacsen, creates a temporary file in an
insecure fashion when the ndeb-binary feature is used, which allows a
local attacker to craft a symlink attack to overwrite arbitrary files.