Info

Disclosure

Jun 11, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

shtool contains a flaw that may allow a malicious local user to overwrite or create arbitrary files on the system. The problem is that the application creates and reuses temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Race Condition
Impact: Loss of Integrity
Exploit: Exploit Unavailable
Disclosure: OSVDB Verified

Solution

Contact your vendor for an appropriate upgrade. An upgrade is required as there are no known workarounds.

Products

Gentoo Linux

ocaml-mysql

1.0.3

GNU

shtool

2.0.1

OpenPKG

2.3

References

Security Tracker: 1014059
Secunia Advisory ID: 15496 15666 15668 16512 16631
Related OSVDB ID: 16848
CVE ID: 2005-1759 (see also: NVD)
Other Advisory URL: http://www.debian.org/security/2005/dsa-789
http://www.gentoo.org/security/en/glsa/glsa-200506-08.xml
http://www.ubuntulinux.org/support/documentation/usn/usn-171-1
http://www.zataz.net/adviso/shtool-05252005.txt
Vendor Specific News/Changelog Entry: http://www.gnu.org/software/shtool/ChangeLog.txt
Vendor Specific Advisory URL: http://www.openpkg.org/security/OpenPKG-SA-2005.011-shtool.html

Credit

Eric Romang - eromangzataz.net - ZATAZ Audit

Direct URL: http://osvdb.org/36218