AIMsniff contains a flaw that may allow a malicious user to overwrite any file on your filesystem. The issue is triggered when AIMsniff exists, and writes to /tmp/AS.log. It is possible that the flaw may allow a race condition resulting in a loss of integrity and availability.
Classification
Location: Local Access Required
Attack Type: Denial of Service, Race Condition
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified
Solution
Upgrade to version 0.9d or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s):
In aimsniff.pl, change the line saying:
open(LOG,">/tmp/AS.log") or die "Could not open debug file: $^E\n";
to:
use Fcntl; # provides O_WRONLY, O_EXCL and O_CREAT
unlink("/tmp/AS.log"); sysopen(LOG,"/tmp/AS.log",O_WRONLY|O_EXCL|O_CREAT,0600) or die "Could not open debug file: $^E\n";
(or)
Change (at line 55):
my $debug2=1;
to:
my $debug2=0;
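Why the first workaround helps, as an added Perl example (not code from aimsniff.pl or from this advisory): a plain ">" open is compared with an O_CREAT|O_EXCL sysopen when the log name already exists as a symlink. The function names and the temp-directory paths are hypothetical stand-ins for /tmp/AS.log.

```perl
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
use File::Temp qw(tempdir);

# Pattern from the original line: ">" follows a symlink and truncates its target.
sub open_log_unsafe {
    my ($path) = @_;
    open(my $fh, '>', $path) or return;
    return $fh;
}

# Pattern from the workaround: O_CREAT|O_EXCL fails if the name already exists,
# symlinks included, and mode 0600 keeps a newly created log private.
sub open_log_safe {
    my ($path) = @_;
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0600) or return;
    return $fh;
}

# Constructed scenario: (re)create a file with content and point the log name at it.
sub plant {
    my ($target, $link) = @_;
    open(my $out, '>', $target) or die "write $target: $!";
    print {$out} "important data\n";
    close($out);
    unlink($link);
    symlink($target, $link) or die "symlink: $!";
}

my $dir    = tempdir(CLEANUP => 1);   # private sandbox, removed on exit
my $target = "$dir/important.txt";    # constructed stand-in for a file the user owns
my $log    = "$dir/AS.log";           # constructed stand-in for the predictable log path

plant($target, $log);
my $fh = open_log_unsafe($log);
close($fh) if $fh;
printf "unsafe open: target is now %d bytes\n", (-s $target) || 0;

plant($target, $log);
$fh = open_log_safe($log);
my $status = $fh ? 'opened' : "refused ($!)";
printf "safe open:   %s, target is still %d bytes\n", $status, (-s $target) || 0;
```

In the workaround, the unlink before sysopen clears a stale log or planted link; if the name reappears before sysopen runs, O_EXCL makes the open fail instead of writing through it.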