SecurityTeam US
 
 Welcome to SecurityTeam US
 Wednesday, October 22 2014 @ 05:36 PM EDT

openMosixview Insecure Temporary File Creation Vulnerabilities

   
LinuxGangstuck and Psirac have reported some vulnerabilities in openMosixview, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.

The vulnerabilities are caused due to various temporary files being created insecurely with predictable filenames. This can be exploited via symlink attacks to create or overwrite arbitrary files on the system with the privileges of the user running openmosixview or the openmosixcollector daemon.

The vulnerabilities have been reported in versions 1.5 and prior.

SOFTWARE:
openMosixview 1.x

SOLUTION:
Grant only trusted users access to affected systems.

VERIFY ADVISORY:
http://secunia.com/advisories/14693/

Secunia Security Advisories

 

What's Related

Story Options

openMosixview Insecure Temporary File Creation Vulnerabilities | 0 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.
 Copyright © 2014 SecurityTeam US
 All trademarks and copyrights on this page are owned by their respective owners.
  Get Firefox!
Dedicated Servers
Created this page in 0.15 seconds