Comment 0 for bug 805370

David (d--) wrote : /usr/bin/getweb is rather hilarious -- and is vulnerable to "Insecure temporary file creation" weaknesses

/usr/bin/getweb is vulnerable to "Insecure temporary file creation". [0]
While I don't know if anyone uses the getweb command, the script makes a temporary directory in /tmp called foo2zjs; it then may download (depending on user input) one or more gzip files and extract them in /tmp/foo2zjs.
However, the script does not check if the folder already exists / the return code of mkdir - so the script could possibly result in the over-writing of files or simply extra junk placed in $random places on the file-system.

[0] - http://cwe.mitre.org/data/definitions/377.html

[1] line 488
"
mkdir -p /tmp/foo2zjs
cd /tmp/foo2zjs
"
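
The weakness reported above, next to a hardened form, as an added example that is not part of the original report or of the foo2zjs code. The function names (weak_workdir, safe_workdir, is_private_dir) and the foo2zjs.XXXXXXXXXX template are assumptions made for illustration; the weak form takes a base directory so it can be exercised in a sandbox instead of /tmp.

```shell
#!/bin/sh
# Added example: fixed-name work directory versus an atomically created one.
# All function names and the mktemp template are hypothetical.

# Weak pattern from the report (mkdir -p, result unchecked), parameterised
# by base directory. mkdir -p succeeds when the path already exists, even
# if it is a symlink to a directory that another user planted beforehand.
weak_workdir() {
    mkdir -p "$1/foo2zjs" && printf '%s\n' "$1/foo2zjs"
}

# Hardened: mktemp -d creates a new directory with an unpredictable name
# and mode 0700 in one step, and fails instead of reusing an existing path.
safe_workdir() {
    base=${1:-${TMPDIR:-/tmp}}
    dir=$(mktemp -d "$base/foo2zjs.XXXXXXXXXX") || return 1
    printf '%s\n' "$dir"
}

# Check a candidate work directory before extracting anything into it:
# it must be a real directory (not a symlink) readable only by its owner.
is_private_dir() {
    [ -d "$1" ] && [ ! -L "$1" ] &&
        [ "$(ls -ld "$1" | cut -c1-10)" = "drwx------" ]
}

# Intended use inside a download script (sketch):
#   work=$(safe_workdir) || exit 1
#   trap 'rm -rf "$work"' EXIT
#   cd "$work" || exit 1
```

Checking the exit status of both the directory creation and the cd matters as much as the unpredictable name: if either fails, the downloads must not be extracted into whatever the current directory happens to be.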