Title: XTel XTel-User Temporary File Race Condition Vulnerability
Severity: MODERATE
Description:
Xtel is a freely available, open source Linux X emulator for minitel. It is maintained by public domain.
A problem with Xtel has been discovered that could allow local users to launch symbolic link attacks. The problem is in the creation of temporary files.
When executed by a user, Xtel generates files in the /tmp directory with the name .xtel-$USER, where $USER represents the user executing Xtel. Before creating the file, Xtel does not check whether .xtel-$USER already exists or, in the worse scenario, whether it exists as a symbolic link.
Therefore, a local user can create a symbolic link named with the username of a user of Xtel, and overwrite or corrupt any file belonging to the user executing Xtel.
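The existence and symbolic-link check that the description says is missing, shown beside the unsafe pattern as an added example (it is not Xtel's source and not part of the original advisory). The function names, the .xtel-demo file name and the private test directory are assumptions made for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern the advisory describes (illustrative, not Xtel's source): open a
 * predictable name and use whatever is already there, following symlinks. */
int open_state_unsafe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened form: O_CREAT|O_EXCL fails if the name exists in any form and does
 * not follow a symlink; fstat() then confirms what was actually opened. */
int open_state_safe(const char *path) {
    struct stat st;
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) return -1;              /* EEXIST: pre-existing file or link */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != geteuid()) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario in a private mkdtemp() directory: a 4-byte "target" and
 * a symlink ".xtel-demo" to it. Returns target's size after the opener ran. */
long target_size_after(int use_safe, int *fd_out) {
    char dir[] = "/tmp/xtel-demo-XXXXXX", target[64], lnk[64];
    struct stat st;
    FILE *f;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(lnk, sizeof lnk, "%s/.xtel-demo", dir);
    if (!(f = fopen(target, "w")) || fputs("data", f) < 0 || fclose(f) != 0) return -1;
    if (symlink(target, lnk) != 0) return -1;
    *fd_out = use_safe ? open_state_safe(lnk) : open_state_unsafe(lnk);
    if (*fd_out >= 0) close(*fd_out);
    long size = stat(target, &st) == 0 ? (long)st.st_size : -1;
    unlink(lnk); unlink(target); rmdir(dir);
    return size;
}

int main(void) {
    int fd;
    long unsafe = target_size_after(0, &fd), safe = target_size_after(1, &fd);
    printf("target size after unsafe open: %ld, after safe open: %ld\n", unsafe, safe);
    return 0;
}
```

Keeping such files in a directory only the user can write to avoids the shared /tmp namespace altogether.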
Affected Products:
- xtel xtel 2.2.0
- xtel xtel 2.3.0
- xtel xtel 2.4.0
- xtel xtel 3.0.0
- xtel xtel 3.1.0
- xtel xtel 3.2.0
- xtel xtel 3.2.1