oss-sec mailing list archives

CVE Request -- fail2ban -- Use of insecure default temporary file when unbanning an IP (tmpfile = /tmp/fail2ban-mail.txt)

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Fri, 29 Apr 2011 13:02:04 +0200


Hello Josh, Steve, vendors,

  It was found that fail2ban IPs banner used insecure default temporary file
when unbanning an IP address. A local attacker could use this flaw to conduct
symlink attacks in order to gain access to sensitive information or potentially
to overwrite arbitrary file on the system.

References:
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544232
[2] https://bugzilla.redhat.com/show_bug.cgi?id=700763

Patch applied by Debian distribution:
[3] http://git.onerussian.com/?p=deb/fail2ban.git;a=commitdiff;h=ea7d352616b1e2232fcaa99b11807a86ce29ed8b

Could you allocate a CVE id for this? (Note: It should CVE-2009-* identifier)

Thank you & Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Current thread:

CVE Request -- fail2ban -- Use of insecure default temporary file when unbanning an IP (tmpfile = /tmp/fail2ban-mail.txt) Jan Lieskovsky (Apr 29)
- Re: CVE Request -- fail2ban -- Use of insecure default temporary file when unbanning an IP (tmpfile = /tmp/fail2ban-mail.txt) Josh Bressers (May 02)