FreeBSD : rkhunter -- insecure temporary file creation (f14ad681-5b88-11dc-812d-0011098b2f36)

Low Nessus Plugin ID 25982


The remote FreeBSD host is missing a security-related update.


Gentoo reports:

Sune Kloppenborg Jeppesen and Tavis Ormandy of the Gentoo Linux Security Team have reported that the script and the main rkhunter script insecurely create several temporary files with predictable filenames.

A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When rkhunter or the script runs, this would result in the file being overwritten with the rights of the user running the utility, which could be the root user.


Update the affected package.

Plugin Details

Severity: Low

ID: 25982

File Name: freebsd_pkg_f14ad6815b8811dc812d0011098b2f36.nasl

Version: $Revision: 1.11 $

Type: local

Published: 2007/09/05

Modified: 2013/06/22

Dependencies: 12634

Risk Information

Risk Factor: Low


Base Score: 2.1

Temporal Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:rkhunter, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: No exploit is required

Patch Publication Date: 2007/09/05

Vulnerability Publication Date: 2005/04/26

Reference Information

CVE: CVE-2005-1270

BID: 13399