J-Security Center


Title: GNU A2PS psmandup.in Script Insecure Temporary File Vulnerability

Severity: LOW

Description:

GNU a2ps is a file utility that allows users to convert virtually any file type to PostScript format files. It is freely available for UNIX/Linux operating systems as well as Microsoft Windows.

GNU a2ps is prone to a vulnerability that may allow malicious local users to corrupt files. This issue occurs because the 'psmandup.in' script creates temporary files in an insecure manner, allowing symbolic link attacks. For example, if an attacker were to create a symbolic link named after one of the temporary files created by the script, then any actions performed by the vulnerable script on the temporary file would actually be performed on the attacker-specified file pointed to by the symbolic link. For this to occur, the file pointed to by the symbolic link would have to be writable by the user running the script.

This could cause files to be overwritten or appended to, most likely resulting in a denial of service. It is not known if this issue could be leveraged to elevate privileges.
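The following is an added example, not code from the a2ps project or from this advisory: it places the predictable-name pattern described above beside a hardened routine that uses mktemp, plus a pre-write check that refuses symlinks and group/other-accessible files. The "psmandup." prefix and the function names are assumed for illustration.

```shell
#!/bin/sh
# Added example (not a2ps project code): insecure temp-file pattern beside
# a hardened version and a defensive pre-write check.

# Insecure pattern, as described in the advisory: a predictable name under
# a world-writable directory. A symlink planted at this path is followed by
# the shell's redirection, so the write lands on whatever the link targets.
insecure_tmpfile() {
    printf '%s/psmandup.%s\n' "${TMPDIR:-/tmp}" "$$"
}

# Hardened version: mktemp creates the file atomically (O_CREAT|O_EXCL,
# mode 0600) from an unpredictable template, so a pre-planted symlink or
# file at that name makes creation fail instead of being reused.
safe_tmpfile() {
    mktemp "${TMPDIR:-/tmp}/psmandup.XXXXXX"
}

# Pre-write check: reject symlinks, non-regular files, files not owned by
# the caller, and anything readable/writable by group or others.
# The permission string is taken from ls -ld for portability.
tmpfile_is_safe() {
    f=$1
    [ -L "$f" ] && return 1          # symlink: never follow it
    [ -f "$f" ] || return 1          # must be a regular file
    [ -O "$f" ] || return 1          # must be owned by us (bash/dash test)
    mode=$(ls -ld "$f" | cut -c1-10)
    case "$mode" in
        -[rwx-][rwx-][rwx-]------) return 0 ;;   # owner-only permissions
        *) return 1 ;;
    esac
}

# Append a line to the temp file only after the check passes.
append_to_tmp() {
    tmpfile_is_safe "$1" || return 1
    printf '%s\n' "$2" >> "$1"
}

# Demo run: create a safe temp file, write to it, and clean up.
tmp=$(safe_tmpfile) || exit 1
append_to_tmp "$tmp" "duplex page data (constructed sample)"
rm -f "$tmp"
```

The demo writes one constructed line and removes the file; the check functions can be reused for any path a script intends to redirect into.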

Affected Products:

  • Debian Linux 3.0.0
  • Debian Linux 3.0.0 alpha
  • Debian Linux 3.0.0 arm
  • Debian Linux 3.0.0 hppa
  • Debian Linux 3.0.0 ia-32
  • Debian Linux 3.0.0 ia-64
  • Debian Linux 3.0.0 m68k
  • Debian Linux 3.0.0 mips
  • Debian Linux 3.0.0 mipsel
  • Debian Linux 3.0.0 ppc
  • Debian Linux 3.0.0 s/390
  • Debian Linux 3.0.0 sparc
  • GNU a2ps 4.13.0
  • GNU a2ps 4.13.0 b
  • MandrakeSoft Corporate Server 2.1.0
  • MandrakeSoft Corporate Server 2.1.0 x86_64
  • MandrakeSoft Corporate Server 3.0.0
  • MandrakeSoft Corporate Server 3.0.0 x86_64
  • MandrakeSoft Linux Mandrake 10.0.0
  • MandrakeSoft Linux Mandrake 10.0.0 amd64
  • MandrakeSoft Linux Mandrake 10.1.0
  • MandrakeSoft Linux Mandrake 10.1.0 x86_64
  • MandrakeSoft Linux Mandrake 10.2.0
  • MandrakeSoft Linux Mandrake 10.2.0 x86_64
  • MandrakeSoft Linux Mandrake 9.2.0
  • MandrakeSoft Linux Mandrake 9.2.0 amd64
  • OpenPKG OpenPKG 2.1.0
  • OpenPKG OpenPKG 2.2.0
  • OpenPKG OpenPKG Current
  • Turbolinux Home
  • Turbolinux Turbolinux Desktop 10.0.0
  • Turbolinux Turbolinux Server 10.0.0
  • Turbolinux Turbolinux Server 7.0.0
  • Turbolinux Turbolinux Server 8.0.0
  • Turbolinux Turbolinux Workstation 7.0.0
  • Turbolinux Turbolinux Workstation 8.0.0
