Metasploit contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the program creating temporary files insecurely. It is possible for a local attacker to use a symlink attack against the plugins/pcap_log.rb file to cause the program to unexpectedly write to, or overwrite an attacker specified file.

Upgrade to version 4.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• Exploit Database: 21927
• Bugtraq ID: 54472
• Other Advisory URL: http://0a29.blogspot.com/2012/07/0a29-12-2-metasploit-pcaplog-plugin.html
• Vendor Specific News/Changelog Entry: https://community.rapid7.com/docs/DOC-1946
• Vendor Specific Solution URL: https://github.com/rapid7/metasploit-framework/commit/428a98c1d1d5341d32ffe0ed380d06a327ed2740

• 0a29406d9794e4f9b30b3c5d6702c708

NVD does not currently have a CVSSv2 score assigned.