Bug 236585 (CVE-2007-2030)

Summary: CVE-2007-2030 /tmp race in lha
Product: [Other] Security Response
Reporter: Red Hat Product Security <security-response-team>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX
QA Contact:
Severity: low
Docs Contact:
Priority: low
Version: unspecified
CC: bressers
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
URL: https://bugzilla.novell.com/show_bug.cgi?id=264282
Whiteboard:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-08-02 18:19:53 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Attachments:
Patch for lha /tmp race & others, applies to FC5 (flags: none)

Description Lubomir Kundrak 2007-04-16 16:20:13 UTC
Description of problem:

lha doesn't open temporary files exclusively, which makes it possible for an
attacker to conduct a time-dependent attack by creating the file in advance.

Version-Release number of selected component (if applicable):

        Affects: RHEL2.1
        Affects: RHEL3
        Affects: RHEL4
        Affects: FC5

How reproducible:

Time-dependent race.

Additional info:

The patch also incorporates some trailing-NUL things from SUSE's
security review patch. I do not know why they were not integrated in our
packages, unlike some other fixes from that patch. It might be possible
that they are not needed. The patch is basically a polished diff between
SUSE and FC-5 lha.
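The defect class described in the report, as an added illustration that is not code from lha or from the attached patch: a temporary file created under a predictable name with O_CREAT but without O_EXCL silently reuses whatever already sits at that path, while O_CREAT|O_EXCL|O_NOFOLLOW refuses it. The directory and file name are constructed here for the demo and are not taken from lha.

```c
/* Added example (not lha's code): non-exclusive vs. exclusive temp-file creation.
 * The demo pre-creates a file at the predictable path, as the report's
 * "creating the file in advance" describes, then checks whether each opener
 * accepts it. Everything happens inside a private mkdtemp() directory. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>

/* Vulnerable pattern: predictable name, O_CREAT without O_EXCL.
 * An existing file (or symlink target) at the path is opened and truncated. */
int open_tmp_insecure(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened pattern: creation must be exclusive; a pre-existing path or a
 * symlink makes open() fail (EEXIST / ELOOP) instead of being reused.
 * mkstemp() gives the same guarantee with a random name. */
int open_tmp_secure(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Returns 1 if `opener` accepted a file planted at the predictable path,
 * 0 if it refused, -1 on setup failure. */
int opener_accepts_planted_file(int (*opener)(const char *)) {
    char dir[] = "/tmp/lha-race-demo-XXXXXX";   /* constructed, private dir */
    if (mkdtemp(dir) == NULL) return -1;
    char path[256];
    snprintf(path, sizeof path, "%s/lh12345", dir);  /* predictable name */
    int planted = open(path, O_WRONLY | O_CREAT, 0644);  /* file created in advance */
    if (planted < 0) { rmdir(dir); return -1; }
    close(planted);
    int fd = opener(path);
    int accepted = fd >= 0;
    if (fd >= 0) close(fd);
    unlink(path);
    rmdir(dir);
    return accepted;
}

int main(void) {
    printf("insecure open reuses planted file: %d\n",
           opener_accepts_planted_file(open_tmp_insecure));   /* 1 */
    printf("secure open reuses planted file:   %d\n",
           opener_accepts_planted_file(open_tmp_secure));     /* 0 */
    return 0;
}
```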

Comment 1 Lubomir Kundrak 2007-04-16 16:20:13 UTC
Created attachment 152702
Patch for lha /tmp race & others, applies to FC5

Comment 3 Red Hat Bugzilla 2009-10-23 19:03:38 UTC
Reporter changed to security-response-team by request of Jay Turner.

Comment 4 Josh Bressers 2011-08-02 18:17:41 UTC
Statement:

Red Hat no longer plans to fix this issue in Red Hat Enterprise Linux 4.