Bug 745479 (CVE-2011-3618) - CVE-2011-3618 atop: Insecure temporary file use flaw by management of runtime data
Summary: CVE-2011-3618 atop: Insecure temporary file use flaw by management of runtime...
Keywords:
Status: ASSIGNED
Alias: CVE-2011-3618
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 745480 745481 745482
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-10-12 13:46 UTC by Jan Lieskovsky
Modified: 2023-07-07 08:29 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Jan Lieskovsky 2011-10-12 13:46:07 UTC
An insecure temporary file use flaw was found in the way atop, an advanced interactive monitor to view the load on system and process level, has kept its temporary runtime data in temporary files. A local attacker could use this flaw to conduct symlink attacks (make atop to remove file named 'atop.acct' in the linked-to directory).

References:
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622794
[2] http://www.openwall.com/lists/oss-security/2011/10/09/5
    (CVE request)
[3] http://www.openwall.com/lists/oss-security/2011/10/10/10
    (CVE assignment)

Patches applied by Debian Linux distribution:
[5] http://mozilla.mirror.pop-sc.rnp.br/mirror/Debian/pool/main/a/atop/atop_1.23-1+lenny1.diff.gz
    (relevant change)
[6] http://patch-tracker.debian.org/package/atop/1.23-1+lenny1
    (link to patch-tracker Debian patch changes tracking system)
[7] http://patch-tracker.debian.org/patch/misc/view/atop/1.23-1+lenny1/acctproc.c
    (underlying acctproc.c change)
[8] http://patch-tracker.debian.org/patch/misc/view/atop/1.23-1+lenny1/rawlog.c
    (relevant rawlog.c change)

Note: But better to apply patch [5] as a whole (those parts, which are applicable).

Comment 1 Jan Lieskovsky 2011-10-12 13:47:48 UTC
This issue affects the version of the atop package, as shipped with Fedora release of 15 and 14. Please schedule an update.

--

This issue affects the version of the atop package, as present within EPEL-5 and EPEL-4 repositories. Please schedule an update.

Comment 2 Jan Lieskovsky 2011-10-12 13:49:04 UTC
Created atop tracking bugs for this issue

Affects: fedora-all [bug 745480]
Affects: epel-5 [bug 745481]
Affects: epel-4 [bug 745482]

Comment 3 Gwyn Ciesla 2011-10-12 14:46:31 UTC
I think these are addressed in 1.26.  I'll get that out immediately and have a deeper look.

Comment 4 Jan Lieskovsky 2011-10-13 10:52:41 UTC
(In reply to comment #3)
> I think these are addressed in 1.26.  I'll get that out immediately and have a
> deeper look.

Brilliant, thanks Jon.

Comment 5 Jan Lieskovsky 2011-10-13 10:56:55 UTC
This issue has been scheduled to be corrected in the following updates:
1) atop-1.26-1.fc15 for Fedora 15,
2) atop-1.26-1.fc14.1 for Fedora 14,
3) atop-1.26-1.el5.1 for Fedora EPEL 5,
4) atop-1.26-1.el4.1 for Fedora EPEL 4.

These updates have been pushed to particular -testing repositories. Once they have passed the required level of testing, the will be pushed to relevant -stable repositories.


Note You need to log in before you can comment on or make changes to this bug.