Title: GNU GNATS Gen-Index Arbitrary Local File Disclosure/Overwrite Vulnerability
Severity: HIGH
Description:
GNU GNATS is a freely available bug tracking system. It is available for a variety of Linux and Unix variant operating environments.
GNU GNATS allows local attackers to disclose and overwrite arbitrary files. This issue exists in the gen-index application supplied with GNATS.
Reportedly, the main() function of the gen-index application does not verify user-supplied arguments and contains an insecure call to the fopen() function that opens files for reading and writing. A local attacker with access to the gen-index application can disclose and overwrite arbitrary files as gen-index is installed with setuid permissions.
A successful attack can result in privilege escalation and a complete compromise of the affected computer. It should be noted that this is only present if a GNATS user does not exist.
GNU GNATS 4.0 and 4.1.0 are reported to be affected. Other versions may be vulnerable as well.
Affected Products:
- GNU GNATS 4.0.0
- GNU GNATS 4.1.0
References:
- GNU: Gnats Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
