Mandrake Linux Security Advisory : tripwire (MDKSA-2001:064)
Medium Nessus Plugin ID 13879
Synopsis
The remote Mandrake Linux host is missing a security update.
Description
Jarno Juuskonen reported that a temporary file vulnerability exists in versions of Tripwire prior to 2.3.1-2. Because Tripwire opens/creates temporary files in /tmp without the O_EXCL flag during filesystem scanning and database updating, a malicious user could execute a symlink attack against the temporary files. This new version has all but one unsafe temporary file open fixed. It can still be used safely when using the new TEMPDIRECTORY configuration option, which is now set to /root/tmp.
Solution
Update the affected tripwire package.
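The Description's point about O_EXCL, shown as an added C example (not Tripwire's code and not part of the advisory): the same pre-existing symlink is followed by a plain create-or-open and rejected once O_EXCL is set. The function names, the scratch directory name and the 9-byte stand-in file are constructed for this illustration.

```c
#define _XOPEN_SOURCE 700   /* mkdtemp(), symlink() */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

int last_open_errno;  /* errno from the most recent temp-file open, 0 on success */

/* Pattern the advisory describes: create-or-open without O_EXCL.
 * Anything already at `path`, including a symlink, is followed and reused. */
static int open_tmp_unsafe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* With O_CREAT|O_EXCL, open() fails with EEXIST if `path` already exists,
 * and a symlink at `path` is never followed (even a dangling one). */
static int open_tmp_excl(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Constructed scenario in a private scratch directory: a 9-byte file stands in
 * for data the scanning user can write, and a symlink to it already sits at
 * the temp-file name. Returns the file's size after the open attempt, or -1. */
long target_size_after(int use_excl) {
    char dir[] = "/tmp/excl-demo-XXXXXX", target[64], tmp[64];
    struct stat st;
    long size = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(tmp, sizeof tmp, "%s/scan.tmp", dir);
    FILE *f = fopen(target, "w");
    if (f) { fputs("protected", f); fclose(f); }
    if (f && symlink(target, tmp) == 0) {
        int fd = use_excl ? open_tmp_excl(tmp) : open_tmp_unsafe(tmp);
        last_open_errno = fd < 0 ? errno : 0;
        if (fd >= 0) close(fd);
        if (stat(target, &st) == 0) size = (long)st.st_size;
    }
    unlink(tmp); unlink(target); rmdir(dir);
    return size;
}

int main(void) {
    printf("without O_EXCL: target is %ld bytes\n", target_size_after(0));
    long kept = target_size_after(1);
    printf("with O_EXCL: target is %ld bytes, errno=%d\n", kept, last_open_errno);
    return 0;
}
```

Pointing temporary files at a directory only the scanning user can write, as the advisory's TEMPDIRECTORY setting does, covers the one open that the update leaves unfixed.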