oss-sec mailing list archives
Re: Request for CVE Identifier: bzexe insecure temporary file
From: vladz <vladz () devzero fr>
Date: Fri, 28 Oct 2011 15:10:26 +0200
Hi,

On Fri, Oct 28, 2011 at 02:22:13PM +0200, Hanno Böck wrote:
> On Fri, 28 Oct 2011 07:48:16 -0400 (EDT), Ramon de C Valle <rcvalle () redhat com> wrote:
>> This is a security issue reported by vladz in bzexe. This is a low impact security issue, since bzexe is rarely used and the race condition window is very narrow, but still exploitable.
>
> Have you checked if this also affects gzexe? It is pretty much the same as bzexe, just using gzip instead of bzip2. (afaik, no xzexe exists)

I already checked gzexe and it's not affected because it uses "mktemp" to create its temporary directory. For the same purposes, bzexe uses "/tmp/command" as directory name.

Best regards,
vladz.
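The difference described in the message above, a work directory with a fixed "/tmp/command"-style name versus one created by mktemp, is shown here as an added example that is not part of the original thread and is not code from bzexe or gzexe. The function names, the sandbox directory standing in for /tmp, and the use of `mkdir -p` for the fixed-name case are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration. Function names and the sandbox layout are hypothetical;
# the sandbox stands in for /tmp so nothing outside it is touched.

# Weak pattern: directory name derived from the command name. "mkdir -p"
# (an assumed stand-in, not bzexe's code) succeeds when the path already
# exists, so the caller cannot tell a fresh directory from one (or a
# symlink) that someone else put there first.
make_workdir_predictable() {
    mkdir -p "$1/$2" || return 1
    printf '%s\n' "$1/$2"
}

# Hardened pattern: mktemp -d chooses an unpredictable name and creates the
# directory in one step with mode 0700, failing instead of reusing a path.
make_workdir_private() {
    mktemp -d "$1/$2.XXXXXXXXXX"
}

# Check a caller can apply before writing: real directory, not a symlink,
# owned by us, no access for group or others.
is_private_dir() {
    [ -d "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || return 1
    case $(ls -ld "$1") in
        drwx------*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed scenario: "command" already exists as a symlink before we run.
run_demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/elsewhere"
    ln -s "$sandbox/elsewhere" "$sandbox/command"
    for maker in make_workdir_predictable make_workdir_private; do
        dir=$("$maker" "$sandbox" command) || continue
        if is_private_dir "$dir"; then verdict=private; else verdict=UNSAFE; fi
        printf '%-26s %s -> %s\n' "$maker" "${dir#"$sandbox"/}" "$verdict"
    done
    rm -rf "$sandbox"
}

run_demo
```
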
Current thread:
- Request for CVE Identifier: bzexe insecure temporary file Ramon de C Valle (Oct 28)
- Re: Request for CVE Identifier: bzexe insecure temporary file Hanno Böck (Oct 28)
- Re: Request for CVE Identifier: bzexe insecure temporary file Ramon de C Valle (Oct 28)
- Re: Request for CVE Identifier: bzexe insecure temporary file Benjamin Renaut (Oct 28)
- Re: Request for CVE Identifier: bzexe insecure temporary file vladz (Oct 28)
- Re: Request for CVE Identifier: bzexe insecure temporary file Kurt Seifried (Oct 28)
- Re: Request for CVE Identifier: bzexe insecure temporary file vladz (Nov 06)
- Re: Request for CVE Identifier: bzexe insecure temporary file Hanno Böck (Oct 28)