Title: FreeBSD periodic /tmp File Race Condition Vulnerability
Severity: LOW
Description:
FreeBSD is a freely available, open source implementation of the BSD-UNIX operating system, maintained and distributed by the BSD Project. Periodic is a timed execution package included with recent releases of the operating system.
A problem in the periodic implementation could allow an attacker to append to and corrupt files with write access granted only to the superuser. When cron is executed, it normally calls periodic to execute the commands according to their timed sequence. However, when the process is spawned, files are created in the /tmp directory in an insecure manner, allowing for prediction and brute force guessing of future file names.
This problem makes it possible for a local user with malicious motives to symbolically link access-restricted files and append output to them, resulting in the corruption of the file.
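The insecure temporary-file pattern described above, next to a hardened one, as an added example that is not part of the original advisory and is not periodic's own code. The function names, the `job.PID` naming scheme and the scratch-directory layout are assumptions, and everything runs inside a private directory created for the demonstration.

```shell
#!/bin/sh
# Added example with constructed data; all names here are hypothetical.

# Insecure pattern: the file name is predictable (prefix + PID) and ">>"
# follows whatever already exists at that path, including a symlink.
write_insecure() {
    dir=$1; pid=$2
    echo "job output" >> "$dir/job.$pid"
}

# Hardened pattern: mktemp chooses an unpredictable name and creates the
# file exclusively (O_CREAT|O_EXCL), so an existing link is never followed.
write_hardened() {
    dir=$1
    tmp=$(mktemp "$dir/job.XXXXXXXXXX") || return 1
    echo "job output" >> "$tmp"
    echo "$tmp"
}

# Runs one pattern in a scratch directory and prints "corrupted" or
# "intact" depending on whether the stand-in protected file changed.
demo() {
    mode=$1
    sandbox=$(mktemp -d "${TMPDIR:-/tmp}/racedemo.XXXXXXXXXX") || return 1
    victim="$sandbox/protected.conf"
    mkdir "$sandbox/tmp"
    echo "original" > "$victim"
    # Constructed precondition: a symlink already occupies the predictable name.
    ln -s "$victim" "$sandbox/tmp/job.1234"
    if [ "$mode" = insecure ]; then
        write_insecure "$sandbox/tmp" 1234
    else
        write_hardened "$sandbox/tmp" >/dev/null
    fi
    if [ "$(cat "$victim")" = "original" ]; then
        echo intact
    else
        echo corrupted
    fi
    rm -rf "$sandbox"
}

demo insecure
demo hardened
```

When auditing scripts that run as root, any write to a fixed or PID-derived path under a world-writable directory is the pattern to replace with `mktemp`.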
Affected Products:
- FreeBSD FreeBSD 4.0.0
- FreeBSD FreeBSD 4.1.0
- FreeBSD FreeBSD 4.1.1
- FreeBSD FreeBSD 4.2.0