Title: shadow-utils /etc/default Temp File Race Condition Vulnerability
Severity: LOW
Description:
shadow-utils is a freely available, open source software package available with most distributions of the Linux Operating System. shadow-utils provides a higher level of security to systems by providing stronger cryptography and secure account management tools.
A problem in the package could create the opportunity for a symbolic link attack. During execution of the passwd program, temporary files are created in the /etc/default directory. The files created in this directory use predictable filenames. In the event of the /etc/default directory being world writable, it is possible to create a range of symbolic links to files owned by another user that could overwrite or append to files that are write-accessible by the UID of the passwd process. This could make it possible for a user with malicious motives to overwrite or append to and corrupt files writable by the UID of the passwd process.
Affected Products:
- MandrakeSoft Linux Mandrake 6.0.0
- MandrakeSoft Linux Mandrake 6.1.0
- MandrakeSoft Linux Mandrake 7.0.0
- MandrakeSoft Linux Mandrake 7.1.0
- MandrakeSoft Linux Mandrake 7.2.0
- RedHat Linux 7.0.0
- WireX Immunix OS 7.0.0 -Beta
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
