SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-20-2008, 12:12 PM
| ||||
| ||||
 Aaaaaaaaaaaooooooogah - security alert http://secunia.com/advisories/22223/ Description: Larry Cashdollar has discovered a vulnerability in IBM Informix Dynamic Server, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The vulnerability is caused due to the temporary file "/tmp/installserver.txt" being created insecurely during the install process. This can be exploited via symlink attacks to append data to arbitrary files with privileges of the user running the installation script. The vulnerability has been confirmed in version 10.UC3RC1 Trial for Linux. Other versions may also be affected. Solution: Grant only trusted user access to affected systems. Can this be solved by setting DBTEMP to a secure directory? Andrew Ford      |
|
04-20-2008, 12:14 PM
| ||||
| ||||
| Re: Aaaaaaaaaaaooooooogah - security alert Ford, Andrew G wrote: > http://secunia.com/advisories/22223/ > > Description: > Larry Cashdollar has discovered a vulnerability in IBM Informix Dynamic > Server, which can be exploited by malicious, local users to perform > certain actions with escalated privileges. > > The vulnerability is caused due to the temporary file > "/tmp/installserver.txt" being created insecurely during the install > process. This can be exploited via symlink attacks to append data to > arbitrary files with privileges of the user running the installation > script. > > The vulnerability has been confirmed in version 10.UC3RC1 Trial for > Linux. Other versions may also be affected. It affects Unix/Linux versions of IDS 10.00 and CSDK or I-Connect 2.90. It does not affect earlier versions. It probably doesn't directly affect Windows, but I'm not certain of that. It is an install-time problem; once the product is installed, there is no further vulnerability from this cause. > Solution: > Grant only trusted user access to affected systems. While you are doing the install - that's a good idea. More seriously, remove any file or symlink /tmp/installserver.txt (not sure of the file name for CSDK) before doing any install. Once the install is complete, you could let your untrusted users back onto the system. > Can this be solved by setting DBTEMP to a secure directory? No. |
Linear Mode
