OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[sec-adv] Debian semi/wemi Insecure Temporary File Creation Vulnerability

From: Secunia Security Advisories (sec-advsecunia.com)
Date: Mon Jul 07 2003 - 06:22:25 CDT

TITLE:
Debian semi/wemi Insecure Temporary File Creation Vulnerability

READ ONLINE:
http://www.secunia.com/advisories/9185/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Debian GNU/Linux unstable alias sid
Debian GNU/Linux 3.0

DESCRIPTION:
Debian has reported a vulnerability in semi/wemi, which can be
exploited by malicious, local users to escalate their privileges on a
vulnerable system.

The vulnerability is caused due to insecure creation of temporary
files, which potentially could be exploited via a symlink attack to
overwrite arbitrary files with the privileges of the user running
Emacs and semi/wemi.

SOLUTION:
Updated packages:

-- Debian GNU/Linux 3.0 alias woody --

Source archives:

http://security.debian.org/pool/updates/main/s/semi/semi_1.14.3.cvs.2001.08.10-1woody2.dsc
Size/MD5 checksum: 620 3949b7a3bc726a8f96b24adf5c965e37
http://security.debian.org/pool/updates/main/s/semi/semi_1.14.3.cvs.2001.08.10-1woody2.diff.gz
Size/MD5 checksum: 20481 abd8c72197b6fc901c454247d8750ea4
http://security.debian.org/pool/updates/main/s/semi/semi_1.14.3.cvs.2001.08.10.orig.tar.gz
Size/MD5 checksum: 134788 2f0dd2581b1350a0a5249bb6c8ea18f0
http://security.debian.org/pool/updates/main/w/wemi/wemi_1.14.0.20010802wemiko-1.3.dsc
Size/MD5 checksum: 630 a0dfbca5275f27cbf0a5849390c15a25
http://security.debian.org/pool/updates/main/w/wemi/wemi_1.14.0.20010802wemiko-1.3.diff.gz
Size/MD5 checksum: 29933 23b2c6e66f69683c4892d7ac16ff7337
http://security.debian.org/pool/updates/main/w/wemi/wemi_1.14.0.20010802wemiko.orig.tar.gz
Size/MD5 checksum: 138332 e58f2eda9401df7493584e7f064b2ed1

Architecture independent components:

http://security.debian.org/pool/updates/main/s/semi/semi_1.14.3.cvs.2001.08.10-1woody2_all.deb
Size/MD5 checksum: 175496 73a1be04f4457ae6c92e487dc42c09d0
http://security.debian.org/pool/updates/main/w/wemi/wemi_1.14.0.20010802wemiko-1.3_all.deb
Size/MD5 checksum: 173030 241fc879552c26a4a8a62b9874adaab0

-- Debian GNU/Linux unstable alias sid --

Fixed in semi version 1.14.5+20030609-1. Sid does not include wemi.

ORIGINAL ADVISORY:
http://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00136.html

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Contact details:
Web : http://www.secunia.com/
E-mail : supportsecunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------