OSVDB ID: 6884

Title: sysstat trigger Script Symlink Arbitrary File Overwrite

Dates

Disclosure: Mar 10, 2004
Discovery: Unknown
Exploit: Mar 10, 2004
Solution: Unknown

Description

Sysstat contains a flaw that may allow a malicious user to overwrite arbitrary files. The issue is triggered when a malicious user creates symbolic links in the /tmp directory. The flaw may allow privilege escalation and the deletion of arbitrary files, resulting in a loss of confidentiality and integrity.

Classification

Location: Local Access Required
Attack Type: Race Condition
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Upgrade to Sysstat 5.0.2 or later, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. Users will need to consult their distribution-specific documentation, as binary packages might use a different naming scheme or ship a customized version of sysstat that differs from the source upgrade and binary package listed.

Products

Sysstat

sysstat

4.x
5.0.1

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/6884