Secunia Logo
 Vulnerability IntelligenceVulnerability ScanningCommunity - new!Blog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Debian LPRng Insecure Temporary File Creation
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Debian LPRng Insecure Temporary File Creation
Secunia Advisory: SA8593
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2003-04-15
Popularity: 5,627 views

Critical:
Not critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch

OS:Debian GNU/Linux 3.0
Debian GNU/Linux unstable alias sid
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2003-0136
Description:
Debian has reported a vulnerability, which can be exploited by malicious, local users to overwrite certain files on the system.

The vulnerability has been identified in "psbanner" when configured as a filter and is caused due to insecure creation of the temporary file "/tmp/before" used for debugging purposes. The problem is that there are no checks to determine, whether the file already exists or is linked to another place.

Successful exploitation allows a malicious user to overwrite files on the system owned by the "daemon" user.

Solution:
Updated packages:

-- Debian GNU/Linux 3.0 alias woody --

Source archives:

http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2.dsc
Size/MD5 checksum: 656 5b675ef9bc39b470e3ec8cb1b88150b4
http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2.diff.gz
Size/MD5 checksum: 17298 53d5ce171d250135756bf4682a82737d
http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10.orig.tar.gz
Size/MD5 checksum: 5125140 3127e3793b94bd4a403a3809b1d8467b

Architecture independent components:

http://security.debian.org/pool/updat.../l/lprng/lprng-doc_3.8.10-1.2_all.deb
Size/MD5 checksum: 1709460 2cec616424b93bfe9df97b0b378b0c6b

Alpha architecture:

http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_alpha.deb
Size/MD5 checksum: 543788 2889fb7f5dcca329b03edc9f1489e1e6

ARM architecture:

http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_arm.deb
Size/MD5 checksum: 511150 becc4d3f2165ae49dfbf518ce488caea

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_i386.deb
Size/MD5 checksum: 467568 b16f01e1ea4a1c458a6e32829a85c7b3

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_ia64.deb
Size/MD5 checksum: 631104 b34cf87d77dd353bf702d403e9561718

HP Precision architecture:

http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_hppa.deb
Size/MD5 checksum: 544364 b6e5e6f81c4d291c65b55fbe71ac6747

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_m68k.deb
Size/MD5 checksum: 467846 2659f796ef5715191e6ab5919cdddb30

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_mips.deb
Size/MD5 checksum: 480194 93b19b4230658fa889315579da6d4db2

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_mipsel.deb
Size/MD5 checksum: 477314 9edafa58c5a2bf0f3dcbb1c1a1542a78

PowerPC architecture:

http://security.debian.org/pool/updat.../l/lprng/lprng_3.8.10-1.2_powerpc.deb
Size/MD5 checksum: 512804 d0d141a47635f7c4ccf208489d14e6bb

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_s390.deb
Size/MD5 checksum: 505336 a897c14ef252fb998395d67c9eeab1cd

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_sparc.deb
Size/MD5 checksum: 513382 fc6769e619873033d73a3c7d9cb47fb9


-- Debian GNU/Linux unstable alias sid --

Fixed in version 3.8.20-4.

Provided and/or discovered by:
Karol Lewandowski

Original Advisory:
http://www.debian.org/security/2003/dsa-285

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

2nd Dec, 2008
New advisories: 14
New vulnerabilities: 21
Updated advisories: 26

Less // 348 views
Linksys WRT160N Cross-Site Scripting Vulnerability
Less // 333 views
IBM Rational ClearQuest Multiple Vulnerabilities
Not // 261 views
Debian update for flamethrower
Not // 258 views
flamethrower Insecure Temporary Files
Less // 309 views
IBM Rational ClearCase Cross-Site Scripting Vulnerability
Not // 300 views
DAHDI "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerability
Not // 296 views
Zaptel "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerabilities
Moderately // 279 views
Rumpus Multiple Vulnerabilities
Less // 300 views
bcoos "cid" SQL Injection Vulnerability
Moderately // 317 views
ASP Portal "ASPPortal.mdb" Database Disclosure Security Issue

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. ClamAV "cli_check_jpeg_exploit()" Denial of Service Vulnerability // 55 views
2. Linksys WRT160N Cross-Site Scripting Vulnerability // 47 views
3. IBM Rational ClearCase Cross-Site Scripting Vulnerability // 43 views
4. Sun Java JDK / JRE Multiple Vulnerabilities // 42 views
5. IBM Rational ClearQuest Multiple Vulnerabilities // 42 views
6. Mozilla Firefox 3 Multiple Vulnerabilities // 39 views
7. Debian update for flamethrower // 38 views
8. ASP Portal "ASPPortal.mdb" Database Disclosure Security Issue // 37 views
9. DAHDI "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerability // 37 views
10. flamethrower Insecure Temporary Files // 36 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008