Title: dialog /tmp File Race Condition Vulnerability
Severity: LOW
Description:
dialog is a program available with distributions of the Linux Operating System. A problem exists which could allow a user to append to or overwrite files owned by another user.
Various programs such as debconf are dependent upon dialog. However, dialog creates lock files in the /tmp directory insecurely. A brute force attack involving creating numerous symbolic links in the /tmp filesystem makes it possible to truncate any linked file that is writable by the user executing dialog (be it directly, or through another program). It is possible for a user with malicious intent to exploit this vulnerability and truncate, corrupt, or overwrite sensitive files that are accessible only to the user executing dialog.
Affected Products:
- Debian Linux 2.2.0
- Debian Linux 2.2.0 68k
- Debian Linux 2.2.0 alpha
- Debian Linux 2.2.0 arm
- Debian Linux 2.2.0 powerpc
- Debian Linux 2.2.0 sparc
- Turbolinux Turbolinux 6.0.0
- Turbolinux Turbolinux 6.0.1
- Turbolinux Turbolinux 6.0.2
- Turbolinux Turbolinux 6.0.3
- Turbolinux Turbolinux 6.0.4
- Turbolinux Turbolinux 6.0.5
- Turbolinux Turbolinux Server 6.5.0
- Turbolinux Turbolinux Workstation 6.1.0