Re: wafp insecure temporary directory

[Josh Bressers <bressers () redhat com>]

----- "Henri Salo" <henri () nerv fi> wrote:

> Wafp creates a temporary directory to predictable path and name. This
> allows a local attacker to create a denial of service condition and
> discloses sensitive information to unprivileged users. This also reduces
> usability of this software, because one can't run more than one wafp-
> instances at the same time. This issue can also be leveraged to delete
> arbitrary files or directories via a symlink attack.
>
> I notified the project:
> http://code.google.com/p/webapplicationfingerprinter/issues/detail?id=8
>
> Can I get CVE-identifier for this issue?

Please use CVE-2010-1438.

Thanks.

-- 
    JB