Title: SILC Server and Toolkit silcd.c Symlink Arbitrary File Overwrite
Dates
Disclosure: Sep 01, 2005
Discovery: May 31, 2005
Exploit: Sep 01, 2005
Solution: Unknown
Description
SILC Server and Toolkit contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the program creating temporary files insecurely. A local user can use a symlink-style attack to manipulate arbitrary files, resulting in a loss of integrity.
Classification
Location: Local Access Required
Attack Type: Race Condition
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified
Solution
Currently, there are no known workarounds or upgrades to correct this issue. However, Tavis Ormandy (Gentoo) has released an unofficial patch to address this vulnerability.