Title: inn /tmp File Race Condition Vulnerability
Severity: LOW
Description:
inn is a freely available, open source Usenet software package maintained and available through the ISC, and packaged with various distributions of the Linux Operating System. A vulnerability exists which could allow a race condition to occur.
The problem occurs in the creation and handling of /tmp files by the inn program. Under some circumstances, inn will create files in the /tmp directory that use a predictable filename. In addition, inn may not check for the existence of these files. It is possible to create a range of symbolic links using predicted filenames in the /tmp directory, which could result in a symbolic link attack. This makes it possible for a user with malicious intent to symbolically link a file that's write-accessible by the UID of the inn process, and potentially overwrite or append to and corrupt the linked file.
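The unsafe open pattern described above next to an exclusive-create form that refuses a pre-existing symbolic link, as an added example that is not inn source code. The function names, the private scratch directory and the file name inn.tmp are constructed for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L  /* mkdtemp, symlink, O_NOFOLLOW */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern the advisory describes: fixed name, no existence check.
 * open() follows a symlink already present at `path` and truncates
 * whatever file it points to. */
int open_tmp_unsafe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: with O_CREAT | O_EXCL the existence check and the create are
 * one atomic step, and open() fails if anything (a symlink included)
 * already exists at `path`. O_NOFOLLOW is added as defence in depth. */
int open_tmp_excl(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Builds a private scratch directory holding a 15-byte file `victim` and a
 * symlink `inn.tmp` -> `victim`, opens the link with the chosen routine, and
 * returns 1 if victim is intact, 0 if it was clobbered, -1 on setup error. */
int victim_survives(int hardened) {
    char dir[] = "/tmp/tmprace-demo-XXXXXX", victim[64], link[64];
    struct stat st;
    int result = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(link, sizeof link, "%s/inn.tmp", dir);  /* constructed name */
    FILE *f = fopen(victim, "w");
    if (f && fputs("important data\n", f) >= 0 && fclose(f) == 0 &&
        symlink(victim, link) == 0) {
        int fd = hardened ? open_tmp_excl(link) : open_tmp_unsafe(link);
        if (fd >= 0) close(fd);
        if (stat(victim, &st) == 0) result = (st.st_size == 15);
    }
    unlink(link); unlink(victim); rmdir(dir);
    return result;
}

int main(void) {
    printf("unsafe: %d  hardened: %d\n", victim_survives(0), victim_survives(1));
    return 0;
}
```

When the file name does not need to be fixed, mkstemp(3) combines an unpredictable name with the same exclusive create.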
Affected Products:
- Caldera OpenLinux Desktop 2.3.0
- Debian Linux 2.2.0
- Debian Linux 2.2.0 68k
- Debian Linux 2.2.0 alpha
- Debian Linux 2.2.0 arm
- Debian Linux 2.2.0 sparc
- MandrakeSoft Linux Mandrake 6.0.0
- MandrakeSoft Linux Mandrake 6.1.0
- MandrakeSoft Linux Mandrake 7.0.0
- MandrakeSoft Linux Mandrake 7.1.0
- MandrakeSoft Linux Mandrake 7.2.0
- RedHat Linux 7.0.0
- SCO eDesktop 2.4.0
- SCO eServer 2.3.0
- WireX Immunix OS 7.0.0 -Beta