Mandrake Linux Security Advisory : tripwire (MDKSA-2001:064)

medium Nessus Plugin ID 13879

Synopsis

The remote Mandrake Linux host is missing a security update.

Description

Jarno Juuskonen reported that a temporary file vulnerability exists in versions of Tripwire prior to 2.3.1-2. Because Tripwire opens/creates temporary files in /tmp without the O_EXCL flag during filesystem scanning and database updating, a malicious user could execute a symlink attack against the temporary files. This new version has all but one unsafe temporary file open fixed. It can still be used safely when using the new TEMPDIRECTORY configuration option, which is now set to /root/tmp.

Solution

Update the affected tripwire package.

Plugin Details

Severity: Medium

ID: 13879

File Name: mandrake_MDKSA-2001-064.nasl

Version: 1.18

Type: local

Family: Mandriva Local Security Checks

Published: 7/31/2004

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:tripwire, cpe:/o:mandrakesoft:mandrake_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 7/18/2001

Reference Information

CVE: CVE-2001-0774

MDKSA: 2001:064

Detections

Analytics