OSVDB ID: 23865

Title: CGI::Session Multiple Module /tmp Symlink Arbitrary File Overwrite

Dates

Disclosure: Mar 12, 2006
Discovery: Unknown
Exploit: Unknown
Solution: Unknown

Description

CGI::Session contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the Driver::File, Driver::db_file and Driver::sqlite modules creating temporary files insecurely. A local user can use a symlink attack to manipulate arbitrary files, resulting in a loss of integrity.
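Added illustration of the bug class named in the Description, written in Perl for this entry; it is not CGI::Session's own code. The directory, session id, file name pattern and function names are assumed; the contrast is a plain open() that follows a planted symlink versus a sysopen() that refuses to create through one and checks what it actually opened.

```perl
use strict;
use warnings;
use Fcntl qw(:DEFAULT :mode);   # O_* flags and S_ISREG
use File::Spec;

# Constructed sample: a session id and the shared directory the store uses.
my $SESSION_DIR = File::Spec->tmpdir();   # e.g. /tmp, world-writable
my $sid         = '7f3a9c';               # constructed session id

sub session_path { File::Spec->catfile($SESSION_DIR, "cgisess_$_[0]") }

# Vulnerable pattern: '>' creates or truncates whatever $path currently names.
# If another local user pre-created $path as a symlink, the write follows it
# and the session data lands in the symlink's target.
sub store_insecure {
    my ($id, $data) = @_;
    my $path = session_path($id);
    open(my $fh, '>', $path) or die "open $path: $!";
    print {$fh} $data;
    close $fh;
}

# Hardened pattern. New session: O_CREAT|O_EXCL fails if anything already
# exists at $path, so a planted symlink produces an error instead of a write
# through it; O_NOFOLLOW (Linux) also refuses a symlink as the final component.
# Existing session: open without O_CREAT, then fstat the handle and insist on
# a regular file owned by this process before trusting it. A private (0700)
# store directory instead of a shared /tmp removes the race at its root.
sub store_safe {
    my ($id, $data, $is_new) = @_;
    my $path  = session_path($id);
    my $flags = O_WRONLY | O_NOFOLLOW;
    $flags   |= O_CREAT | O_EXCL if $is_new;
    sysopen(my $fh, $path, $flags, 0600)
        or die "refusing to open session file $path: $!";
    my @st = stat($fh);
    die "$path is not a regular file"     unless S_ISREG($st[2]);
    die "$path is not owned by this user" unless $st[4] == $>;
    truncate($fh, 0) unless $is_new;
    print {$fh} $data;
    close $fh;
}

store_safe($sid, "user=alice\n", 1);        # create
store_safe($sid, "user=alice;hits=2\n", 0); # update in place
unlink session_path($sid);                  # clean up the sample file
```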

Classification

Location: Local Access Required
Attack Type: Race Condition
Impact: Loss of Integrity
Exploit: Exploit Rumored
Disclosure: OSVDB Verified, Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Julien Danjou has released a patch to address this vulnerability.

Products

Vendor: Mark Stosberg
Product: CGI::Session
Version: 4.03-1

References

Credit

  • Joey Hess - joeyh@debian.org - debian-installer team


Direct URL: http://osvdb.org/23865