X-CD-Roast Insecure File Creation Vulnerability [بایگانی] - انجمن گروه آشیانه

توجه ! این یک نسخه آرشیو شده میباشد و در این حالت شما عکسی را مشاهده نمیکنید برای مشاهده کامل متن و عکسها بر روی لینک مقابل کلیک کنید : X-CD-Roast Insecure File Creation Vulnerability

NI3

11-08-2003, 10:54 AM

TITLE:
X-CD-Roast Insecure File Creation Vulnerability

SECUNIA ADVISORY ID:
SA10162

VERIFY ADVISORY:
[Only registered and activated users can see links]

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

SOFTWARE:
X-CD-Roast 0.x

DESCRIPTION:
A vulnerability has been reported in X-CD-Roast, which can be
exploited by malicious, local users to overwrite arbitrary files with
escalated privileges.

The problem is that certain files are created insecurely, which can
be exploited via symlink attacks.

SOLUTION:
Update to version 0.98alpha15.
[Only registered and activated users can see links]

REPORTED BY / CREDITS:
Stefan Nordhausen

ORIGINAL ADVISORY:
[Only registered and activated users can see links]

----------------------------------------------------------------------