oss-sec mailing list archives

CVE ASSIGNMENT: extplorer: creates world writable directory /var/lib/extplorer/ftp_tmp


From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 03 Aug 2012 12:06:25 -0600


extplorer: creates world writable directory /var/lib/extplorer/ftp_tmp

bugs.debian.org/cgi-bin/bugreport.cgi?bug=683649

Package: extplorer
Version: 2.1.0b6+dfsg.3-3
Severity: grave
Tags: security
Justification: user security hole
User: debian-qa () lists debian org
Usertags: piuparts

Hi,

during a test with piuparts I noticed that your package creates a world
writable directory:

    drwxrwxrwx 2 root root 60 Aug  1 07:46 /var/lib/extplorer/ftp_tmp

There, any local user may delete/replace arbitrary files that were not
created by the user himself.

If the write permissions cannot be restricted to a user or group, the
sticky bit should be set on the directory to prevent users from
manipulating files they don't own.


Andreas


Please use CVE-2012-3454 for this issue.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

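The class of problem the report describes (a directory any local user can write to, without the sticky bit) can be audited and fixed programmatically. The following is an added example, not code from the extplorer package or the Debian report; it builds a constructed directory tree in a temporary location (names and modes are assumptions mirroring the report) and applies the sticky-bit fix the report suggests.

```python
import os
import stat
import tempfile

def is_unsafe_shared_dir(path):
    """True if `path` is a directory writable by everyone (o+w) but without the
    sticky bit, so any user can delete or rename files created by other users."""
    st = os.lstat(path)
    if not stat.S_ISDIR(st.st_mode):
        return False
    world_writable = bool(st.st_mode & stat.S_IWOTH)
    sticky = bool(st.st_mode & stat.S_ISVTX)
    return world_writable and not sticky

def find_unsafe_shared_dirs(root):
    """Walk `root` and return every directory flagged by is_unsafe_shared_dir."""
    found = []
    for dirpath, _, _ in os.walk(root):
        if is_unsafe_shared_dir(dirpath):
            found.append(dirpath)
    return sorted(found)

def harden_shared_dir(path):
    """Apply the report's fallback fix: keep the permissions as they are but set
    the sticky bit (e.g. 0777 -> 1777). Returns the resulting permission bits."""
    current = stat.S_IMODE(os.lstat(path).st_mode)
    os.chmod(path, current | stat.S_ISVTX)
    return stat.S_IMODE(os.lstat(path).st_mode)

def demo():
    """Constructed layout: one directory with the reported bad mode, one already
    sticky, one private. Returns (flagged before, mode after fix, flagged after)."""
    root = tempfile.mkdtemp(prefix="extplorer_audit_")  # hypothetical root, not /var/lib
    layout = {"ftp_tmp": 0o777, "ok_tmp": 0o1777, "private": 0o755}
    for name, mode in layout.items():
        p = os.path.join(root, name)
        os.mkdir(p)
        os.chmod(p, mode)  # chmod is not masked by umask, unlike mkdir's mode argument
    before = [os.path.relpath(d, root) for d in find_unsafe_shared_dirs(root)]
    fixed_mode = harden_shared_dir(os.path.join(root, "ftp_tmp"))
    after = [os.path.relpath(d, root) for d in find_unsafe_shared_dirs(root)]
    return before, oct(fixed_mode), after

if __name__ == "__main__":
    print(demo())  # ('ftp_tmp' flagged, '0o1777', nothing flagged)
```

Restricting write access to a dedicated group (the report's preferred option) is a chown/chmod to e.g. 2770 instead of setting the sticky bit; the audit function above catches either case being missed.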

