OSVDB ID: 77972

Title: virtualenv virtualenv.py Temporary Files Symlink Arbitrary File Overwrite

Info

Disclosure

Jul 25, 2010

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jul 25, 2010

Description

virtualenv contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the virtualenv.py script creating temporary files insecurely. It is possible for a local attacker to use a symlink attack to cause the program to unexpectedly write to, or overwrite an attacker specified file.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: Vendor Verified

Solution

Upgrade to version 1.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

CVE ID: 2011-4617 (see also: NVD)
Secunia Advisory ID: 47240 49710
Mail List Post: http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071638.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071643.html
Other Advisory URL: http://openwall.com/lists/oss-security/2011/12/19/2
http://openwall.com/lists/oss-security/2011/12/19/4
http://openwall.com/lists/oss-security/2011/12/19/5
Vendor Specific News/Changelog Entry: http://www.gentoo.org/security/en/glsa/glsa-201206-17.xml
https://bitbucket.org/ianb/virtualenv/changeset/8be37c509fe5
Vendor Specific Solution URL: https://github.com/pypa/virtualenv/commit/68075ad9ededf7df2c46d385f836c13b729de2ca

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/77972