Bug 481702 (CVE-2008-5703)

Summary: CVE-2008-5703 gpsdrive: insecure temporary file use in gpssmswatch and splash.c
Product: [Other] Security Response Reporter: Tomas Hoger <thoger>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: kevin
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5703
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-12-22 15:31:32 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Tomas Hoger 2009-01-27 08:39:01 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-5703 to the following vulnerability:

gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwrite
arbitrary files via a symlink attack on the (a) /tmp/.smswatch or (b)
/tmp/gpsdrivepos temporary file, related to (1) examples/gpssmswatch and (2)
src/splash.c, different vectors than CVE-2008-4959 and CVE-2008-5380. 

References:
http://openwall.com/lists/oss-security/2008/12/17/15
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508597
http://sourceforge.net/tracker/index.php?func=detail&aid=2121124&group_id=148048&atid=770280
http://www.securityfocus.com/bid/32887
Comment 1 Tomas Hoger 2009-01-27 08:41:02 UTC 
Upstream fixes:

gpssmswatch was removed in:
http://gpsdrive.svn.sourceforge.net/viewvc/gpsdrive?view=rev&revision=2204

src/splash.c was fixed via:
http://gpsdrive.svn.sourceforge.net/viewvc/gpsdrive?view=rev&revision=2194
http://gpsdrive.svn.sourceforge.net/viewvc/gpsdrive?view=rev&revision=2195
Comment 2 Kevin Fenzi 2009-02-03 03:53:51 UTC 
http://cvs.fedoraproject.org/viewvc/rpms/gpsdrive/devel/gpsdrive-2.09-CVE-2008-5703.patch?view=co

Checked into rawhide and built. 
Does that look ok? If so, I will push F9/F10 builds/updates.
Comment 3 Fedora Update System 2009-02-05 02:10:17 UTC 
gpsdrive-2.09-7.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 4 Fedora Update System 2009-02-05 02:22:35 UTC 
gpsdrive-2.09-7.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.