Title: UnixWare CDE DTLogin Log Directory Insecure Permissions Vulnerability
Severity: MODERATE
Description:
dtlogin is a utility that allows users to log into a CDE session
either locally or remotely. dtlogin logs errors to /var/dt/Xerrors.
A configuration-related issue has been discovered with dtlogin as packaged with UnixWare 7.1 systems.
By default, the log directory /var/dt used by CDE is created with
permissions of 0777. Since files in this directory are created by
processes that run as root, this could lead to a symbolic link attack
against system files. A file exploited by this type of symbolic link
attack would be overwritten with arbitrary data, resulting in file
corruption.
This also has the potential to cause a denial of service or a loss of critical data. There is also a possibility that a local attacker may gain elevated privileges as a result of this issue.
This issue has been confirmed for UnixWare 7.1. It is not known whether other versions or distributions are affected.
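An added example, not part of the original advisory: a POSIX shell audit for the condition described above. It reports whether the log directory is world-writable and lists any symbolic links already present in it. The function names are hypothetical; /var/dt is the path given in the advisory.

```shell
#!/bin/sh
# Added example: audit a root-written log directory for the exposure
# described in the advisory. Function names are hypothetical; the default
# path /var/dt is taken from the advisory text.

# Succeeds if DIR is a directory writable by "other" (e.g. mode 0777).
# The sticky bit is deliberately not treated as a fix: it stops users from
# removing each other's files, not from pre-creating a link under a name
# that a root process will later open.
dir_is_world_writable() {
    [ -n "$(find "$1" -prune -type d -perm -0002 2>/dev/null)" ]
}

# Prints symbolic links located directly inside DIR (no recursion).
list_symlinks() {
    ( cd "$1" 2>/dev/null && find . ! -name . -prune -type l -print )
}

# Returns 0 when nothing is found, 1 when the directory is exposed or
# already contains symbolic links that deserve a manual look.
audit_log_dir() {
    dir=${1:-/var/dt}
    status=0
    if dir_is_world_writable "$dir"; then
        echo "EXPOSED: $dir is world-writable"
        status=1
    fi
    links=$(list_symlinks "$dir")
    if [ -n "$links" ]; then
        echo "SYMLINKS present in $dir:"
        echo "$links"
        status=1
    fi
    return "$status"
}

# Usage on an affected host:
#   audit_log_dir /var/dt
```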
Affected Products:
- Caldera UnixWare 7.1.0 .0