Brandon
Posted December 26, 2005

Story published by Secunia

Source: Javier Fernandez-Sanguino Pena

Javier Fernandez-Sanguino Pena has reported a vulnerability in Bugzilla, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.

The vulnerability is caused due to the "tmpsyncshadow" temporary file being created insecurely by the "syncshadowdb" script in the temporary directory. This can be exploited via symlink attacks to overwrite arbitrary files with the privileges of the user running the affected script.

Successful exploitation requires that the malicious user is able to write to the temporary directory.

The vulnerability has been reported in version 2.16.7 and also affects version 2.16.10. Other versions may also be affected.

Solution:

The vendor does not recommend the use of version 2.16.10 for new Bugzilla installations.

The affected script is not present in version 2.20.

Secunia Advisory
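
The flaw class the advisory describes (a fixed-name temporary file opened in a shared directory) next to two hardened ways of creating the file, as an added example that is not part of the original post and is not Bugzilla's code. Only the file name "tmpsyncshadow" comes from the advisory; the function names, the sandbox layout and "protected.conf" are assumptions made for illustration.

```python
import os
import shutil
import tempfile
from pathlib import Path

FIXED_NAME = "tmpsyncshadow"  # predictable file name quoted in the advisory


def insecure_write(tmpdir, data):
    # Vulnerable pattern: fixed name, and open() follows a symlink already there.
    with open(os.path.join(tmpdir, FIXED_NAME), "w") as fh:
        fh.write(data)


def exclusive_write(tmpdir, data):
    # Fixed name kept, but O_EXCL refuses any existing entry, symlinks included.
    path = os.path.join(tmpdir, FIXED_NAME)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)


def mkstemp_write(tmpdir, data):
    # Preferred: mkstemp adds a random suffix and opens with O_EXCL, mode 0600.
    fd, _ = tempfile.mkstemp(prefix=FIXED_NAME + ".", dir=tmpdir)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)


def run_demo():
    # Constructed sandbox: "tmp" is the shared temp dir, "protected.conf" a victim file.
    sandbox = Path(tempfile.mkdtemp())
    try:
        tmpdir, protected = sandbox / "tmp", sandbox / "protected.conf"
        tmpdir.mkdir()
        protected.write_text("original")
        os.symlink(protected, tmpdir / FIXED_NAME)  # link planted beforehand
        insecure_write(tmpdir, "dump")
        result = {"insecure_overwrote": protected.read_text() == "dump"}
        result["exclusive_refused"] = False
        protected.write_text("original")
        try:
            exclusive_write(tmpdir, "dump")
        except FileExistsError:
            result["exclusive_refused"] = True
        mkstemp_write(tmpdir, "dump")
        result["mkstemp_left_intact"] = protected.read_text() == "original"
        return result
    finally:
        shutil.rmtree(sandbox)
```

On Linux, the `fs.protected_symlinks` sysctl adds a kernel-level backstop for sticky world-writable directories, but the script-level fix is still exclusive creation.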