CVE-2003-0438
CVSS1.2
发布时间 :2003-07-24 00:00:00
修订时间 :2008-09-05 16:34:19
NMCOS    

[原文]eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.


[CNNVD]ELDAV不安全临时文件漏洞(CNNVD-200307-042)

        
        eldav是一款Emacs的WebDAV客户端。
        eldav在建立临时文件的时候缺少正确的安全检查,本地攻击者可以用这个漏洞通过符号链接以运行emacs和eldav用户权限覆盖系统任意文件。
        目前没有详细漏洞细节提供。
        

- CVSS (基础分值)

CVSS分值: 1.2 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: HIGH [漏洞利用存在特定的访问条件]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0438
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0438
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200307-042
(官方数据源) CNNVD

- 其它链接及资源

http://www.debian.org/security/2003/dsa-325
(VENDOR_ADVISORY)  DEBIAN  DSA-325

- 漏洞信息

ELDAV不安全临时文件漏洞
低危 访问验证错误
2003-07-24 00:00:00 2005-11-29 00:00:00
本地  
        
        eldav是一款Emacs的WebDAV客户端。
        eldav在建立临时文件的时候缺少正确的安全检查,本地攻击者可以用这个漏洞通过符号链接以运行emacs和eldav用户权限覆盖系统任意文件。
        目前没有详细漏洞细节提供。
        

- 公告与补丁

        厂商补丁:
        Debian
        ------
        
        http://www.debian.org/security/2003/dsa-325

- 漏洞信息

2203
eldav Insecure Temporary File Creation

- 漏洞描述

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 325-1 security@debian.org http://www.debian.org/security/ Matt Zimmerman June 19th, 2003 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : eldav Vulnerability : insecure temporary file Problem-Type : local Debian-specific: no CVE Ids : CAN-2003-0438 eldav, a WebDAV client for Emacs, creates temporary files without taking appropriate security precautions. This vulnerability could be exploited by a local user to create or overwrite files with the privileges of the user running emacs and eldav. For the stable distribution (woody) this problem has been fixed in version 0.0.20020411-1woody1. The old stable distribution (potato) does not contain an eldav package. For the unstable distribution (sid) this problem has been fixed in version 0.7.2-1. We recommend that you update your eldav package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/e/eldav/eldav_0.0.20020411-1woody1.dsc Size/MD5 checksum: 592 9dd06517b53570a595d5c368924ceda1 http://security.debian.org/pool/updates/main/e/eldav/eldav_0.0.20020411-1woody1.diff.gz Size/MD5 checksum: 3814 c4400b418452e1aea9a115a2af82e1aa http://security.debian.org/pool/updates/main/e/eldav/eldav_0.0.20020411.orig.tar.gz Size/MD5 checksum: 12319 3b62e4b9b05eb1c8ef27e9f5d3b98db2 Architecture independent components: http://security.debian.org/pool/updates/main/e/eldav/eldav_0.0.20020411-1woody1_all.deb Size/MD5 checksum: 15546 5dc5beca6a1c57b5a4b32968ebc07da4 These files will probably be moved into the stable distribution on its next revision. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE+8iAwArxCt0PiXR4RArGiAJ0dsiLwzY7T1kS61iKbSfIQeq2YRQCgvNkx /eVKdD6yTvGG2Vw0/ipLy8M= =zUSA -----END PGP SIGNATURE-----

- 时间线

2003-06-19 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

ELDAV Insecure Temporary File Vulnerability
Access Validation Error 7987
No Yes
2003-06-19 12:00:00 2009-07-11 10:06:00
Discovery of this vulnerability credited to Tatsuya Kinoshita.

- 受影响的程序版本

Eldav Eldav 0.7
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Eldav Eldav 0.7.2
Eldav Eldav 0.7.1

- 不受影响的程序版本

Eldav Eldav 0.7.2
Eldav Eldav 0.7.1

- 漏洞讨论

Eldav has been reported prone to an insecure temporary file creation vulnerability. As a result, it may be possible for local attackers to corrupt files owned by the user who is invoking the eldav application.

- 漏洞利用

There is no exploit required.

- 解决方案

The following fixes are available:


Eldav Eldav 0.7

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站