Info

Disclosure

Nov 24, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

xmFrot contains a flaw that may allow a malicious local user to perform certain actions with escalated privileges. The issue is caused by temporary files being created insecurely by default which can be exploited via symlink attacks. It is possible that the flaw may allow an attacker to create or overwrite arbitrary files with privileges of the user running wmFrog resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Race Condition
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workarounds: 1.) Use the "-tmp" command line option to specify a secure temporary directory. 2.) Grant only trusted users access to affected systems.

Products

Thibaut Colar

wmFrog

0.1.6

References

Bugtraq ID: 11743
Secunia Advisory ID: 13259 25686
ISS X-Force ID: 18232
CVE ID: 2004-2473 (see also: NVD)
Other Advisory URL: http://wmfrog.svn.sourceforge.net/svnroot/wmfrog/wmfrog/CHANGES
Vendor URL: http://www.colar.net/wmapps/

Credit

Joey Hess -

Direct URL: http://osvdb.org/12118