[CVE-2007-5200] hugin allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Bug #162602 reported by Stephan Rügamer
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
hugin (Debian) | Fix Released | Unknown | |
hugin (Fedora) | Fix Released | Medium | |
hugin (Ubuntu) | Fix Released | Undecided | William Grant |
Edgy | Fix Released | Undecided | Stephan Rügamer |
Feisty | Fix Released | Undecided | Stephan Rügamer |
Gutsy | Fix Released | Undecided | Stephan Rügamer |
Hardy | Fix Released | Undecided | William Grant |
Bug Description
Binary package hint: hugin
Dear Colleagues,
According to the CVE, hugin allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Please find attached debdiffs for edgy, feisty and gutsy, which will fix this issue.
Regards,
\sh
Changed in hugin: | |
assignee: | nobody → shermann |
status: | New → In Progress |
Changed in hugin: | |
assignee: | nobody → fujitsu |
status: | New → In Progress |
assignee: | nobody → shermann |
status: | New → In Progress |
assignee: | fujitsu → shermann |
assignee: | nobody → shermann |
status: | New → In Progress |
Changed in hugin: | |
assignee: | shermann → fujitsu |
Changed in hugin: | |
status: | Unknown → Fix Released |
Changed in hugin: | |
status: | Fix Committed → Fix Released |
status: | Fix Committed → Fix Released |
status: | Fix Committed → Fix Released |
Changed in hugin: | |
status: | Unknown → New |
Changed in hugin: | |
status: | New → Fix Released |
Changed in hugin (Fedora): | |
importance: | Unknown → Medium |
Hugin was reported to create temporary / debug files in an unsafe manner. During the optimizer run, it creates a debug output file with a pre-defined name:
/tmp/hugin_debug_optim_results.txt
If the file was already created by another user, hugin gives an error message.
This problem can be abused by a malicious local user to perform a symlink attack
against the user running hugin, which will result in the overwrite of an arbitrary file
writable by the user running hugin with panorama optimizer output.
There does not seem to be any upstream patch at the moment. An updated package was
released for openSuSE, which resolves this problem by disabling creation of the
debug file.
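The comment above describes the classic fixed-name temporary file race: a pre-planted symlink at the predictable path redirects the program's write to whatever file the link points at. The following is an added C example, not hugin's code or its fix; the function names and the temp-directory demo are hypothetical. It shows the defensive pattern for such output files (O_CREAT|O_EXCL|O_NOFOLLOW, restrictive mode) and verifies that a pre-existing link at the fixed name is refused rather than followed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (added example, not hugin's code). O_CREAT|O_EXCL
 * makes open() fail if anything already exists at the path (a symlink
 * included, per POSIX), and O_NOFOLLOW refuses to open through a symlink
 * at the final component. Returns a FILE* or NULL with errno set. */
FILE *open_debug_output_safely(const char *path) {
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) return NULL;
    FILE *fp = fdopen(fd, "w");
    if (!fp) close(fd);
    return fp;
}

/* Demonstration in a private, freshly created directory: a constructed
 * "victim" file and a symlink at the fixed debug-file name pointing to it
 * (standing in for a file "already created by other user"). Returns 1 if
 * the safe open refused the link and the victim file is still empty. */
int demo_symlink_is_not_followed(void) {
    char dir[] = "/tmp/hugin_demo_XXXXXX";
    if (!mkdtemp(dir)) return 0;
    char target[256], link[256];
    snprintf(target, sizeof target, "%s/victim.txt", dir);
    snprintf(link, sizeof link, "%s/hugin_debug_optim_results.txt", dir);
    int tfd = open(target, O_WRONLY | O_CREAT | O_EXCL, 0600);  /* empty victim */
    if (tfd < 0) return 0;
    close(tfd);
    if (symlink(target, link) != 0) return 0;

    int refused = 0;
    FILE *fp = open_debug_output_safely(link);
    if (fp == NULL && (errno == EEXIST || errno == ELOOP)) refused = 1;
    else if (fp) { fputs("optimizer output\n", fp); fclose(fp); }

    struct stat st;
    int untouched = (stat(target, &st) == 0 && st.st_size == 0);

    unlink(link); unlink(target); rmdir(dir);
    return refused && untouched;
}
```

The upstream-style mitigation noted in the comment (not creating the debug file at all) is stronger still; where the file is genuinely needed, mkstemp() in a user-owned directory avoids the predictable name entirely.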