GLSA-200407-01 : Esearch: Insecure temp file handling

High Nessus Plugin ID 14534


The remote Gentoo host is missing one or more security-related patches.


The remote host is affected by the vulnerability described in GLSA-200407-01 (Esearch: Insecure temp file handling)

The eupdatedb utility uses a temporary file (/tmp/ to indicate that the eupdatedb process is running. When run, eupdatedb checks to see if this file exists, but it does not check to see if it is a broken symlink. In the event that the file is a broken symlink, the script will create the file pointed to by the symlink, instead of printing an error and exiting.
Impact :

An attacker could create a symlink from /tmp/ to a nonexistent file (such as /etc/nologin), and the file will be created the next time esearchdb is run.
Workaround :

There is no known workaround at this time. All users should upgrade to the latest available version of esearch.


All users should upgrade to the latest available version of esearch, as follows:
# emerge sync # emerge -pv '>=app-portage/esearch-0.6.2' # emerge '>=app-portage/esearch-0.6.2'

See Also

Plugin Details

Severity: High

ID: 14534

File Name: gentoo_GLSA-200407-01.nasl

Version: $Revision: 1.13 $

Type: local

Published: 2004/08/30

Modified: 2015/04/13

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:esearch, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Patch Publication Date: 2004/07/01

Vulnerability Publication Date: 2004/07/01

Reference Information

CVE: CVE-2004-0655

OSVDB: 7358

GLSA: 200407-01