发布时间 :2003-07-24 00:00:00
修订时间 :2008-09-05 16:34:19

[原文]eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.



- CVSS (基础分值)

CVSS分值: 1.2 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: HIGH [漏洞利用存在特定的访问条件]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源

- 漏洞信息

低危 访问验证错误
2003-07-24 00:00:00 2005-11-29 00:00:00

- 公告与补丁


- 漏洞信息

eldav Insecure Temporary File Creation

- 漏洞描述

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 325-1 Matt Zimmerman June 19th, 2003 - -------------------------------------------------------------------------- Package : eldav Vulnerability : insecure temporary file Problem-Type : local Debian-specific: no CVE Ids : CAN-2003-0438 eldav, a WebDAV client for Emacs, creates temporary files without taking appropriate security precautions. This vulnerability could be exploited by a local user to create or overwrite files with the privileges of the user running emacs and eldav. For the stable distribution (woody) this problem has been fixed in version 0.0.20020411-1woody1. The old stable distribution (potato) does not contain an eldav package. For the unstable distribution (sid) this problem has been fixed in version 0.7.2-1. We recommend that you update your eldav package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: Size/MD5 checksum: 592 9dd06517b53570a595d5c368924ceda1 Size/MD5 checksum: 3814 c4400b418452e1aea9a115a2af82e1aa Size/MD5 checksum: 12319 3b62e4b9b05eb1c8ef27e9f5d3b98db2 Architecture independent components: Size/MD5 checksum: 15546 5dc5beca6a1c57b5a4b32968ebc07da4 These files will probably be moved into the stable distribution on its next revision. - --------------------------------------------------------------------------------- For apt-get: deb stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: Package info: `apt-cache show <pkg>' and<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE+8iAwArxCt0PiXR4RArGiAJ0dsiLwzY7T1kS61iKbSfIQeq2YRQCgvNkx /eVKdD6yTvGG2Vw0/ipLy8M= =zUSA -----END PGP SIGNATURE-----

- 时间线

2003-06-19 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

ELDAV Insecure Temporary File Vulnerability
Access Validation Error 7987
No Yes
2003-06-19 12:00:00 2009-07-11 10:06:00
Discovery of this vulnerability credited to Tatsuya Kinoshita.

- 受影响的程序版本

Eldav Eldav 0.7
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Eldav Eldav 0.7.2
Eldav Eldav 0.7.1

- 不受影响的程序版本

Eldav Eldav 0.7.2
Eldav Eldav 0.7.1

- 漏洞讨论

Eldav has been reported prone to an insecure temporary file creation vulnerability. As a result, it may be possible for local attackers to corrupt files owned by the user who is invoking the eldav application.

- 漏洞利用

There is no exploit required.

- 解决方案

The following fixes are available:

Eldav Eldav 0.7

- 相关参考