BugTraq
Symlink Vulnerability in GNU libtool <1.5.2 Jan 30 2004 01:14AM
Stefan Nordhausen (deletethis nordhaus informatik hu-berlin de) (3 replies)
Vulnerable: libtool <1.5.2
Not Vulnerable: libtool 1.5.2
Project website: http://www.gnu.org/software/libtool/libtool.html

Description of libtool (from website):
"GNU libtool is a generic library support script. Libtool hides the
complexity of using shared libraries behind a consistent, portable
interface."
Libtool is included with many packages that rely on it to handle
libraries. As a result these packages are vulnerable as well.

Discussion:
I found a symlink vulnerability in libtool prior to version 1.5.2.
Libtool insecurely creates a temporary directory when a package using
libtool is being compiled.

I want to point out that this bug is _only_ exploitable at compile time.
The binaries that are produced during compilation are _not_ affected. As
a result, systems that rely exclusively on binary packages are not
affected at all.

Solution:
Updating to libtool 1.5.2 (the current stable release) will eliminate
the vulnerability. If you want to stick with your old version of libtool
you can easily fix this bug yourself. In "ltmain.in" (or file "libtool",
whichever applies for you) you should replace the line:

if $mkdir -p "$tmpdir" && chmod 700 "$tmpdir"; then :

with

if $mkdir "$tmpdir" && chmod 700 "$tmpdir"; then :

Packages sometimes bring their own version of libtool. As a result,
fixing the libtool that is installed on your system may not be enough.
To solve this problem, package maintainers should fix their packages if
they use libtool!

Regards
Stefan Nordhausen

--
Don't open your eyes, you won't like what you see. The blind have been
blessed with security. Don't open your eyes, take it from me. I have
found, you can find happiness in slavery.
Trent Reznor
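
The difference between the two lines quoted in the Solution section, shown as an added example that is not part of the original post or of libtool's code. The sandbox layout and the directory name `libtool-tmp` are constructed for the demonstration; it runs both forms against a path that is fresh, already a directory, or already a symlink.

```shell
#!/bin/sh
# Added demo (not libtool code): compares the pre-1.5.2 and 1.5.2
# directory-creation conditions when the temporary path already exists.

# Pre-1.5.2 form: "mkdir -p" returns 0 even if the path is already there,
# so a directory or symlink prepared by someone else is silently accepted.
create_old() { mkdir -p "$1" 2>/dev/null && chmod 700 "$1"; }

# 1.5.2 form: plain "mkdir" fails with EEXIST on any existing path,
# including a symlink, so the "if" condition is false.
create_new() { mkdir "$1" 2>/dev/null && chmod 700 "$1"; }

# try_case <old|new> <fresh|dir|symlink>  -> prints "created" or "refused"
try_case() {
    sandbox=$(mktemp -d) || return 2
    tmpdir="$sandbox/libtool-tmp"        # constructed name, not libtool's
    case "$2" in
        dir)     mkdir "$tmpdir" ;;      # path pre-created as a directory
        symlink) mkdir "$sandbox/elsewhere" &&
                 ln -s "$sandbox/elsewhere" "$tmpdir" ;;  # path pre-created as a link
    esac
    if "create_$1" "$tmpdir"; then result=created; else result=refused; fi
    rm -rf "$sandbox"
    echo "$result"
}

# Print the outcome of both forms for each starting state.
for state in fresh dir symlink; do
    printf '%-8s old=%s new=%s\n' "$state" \
        "$(try_case old "$state")" "$(try_case new "$state")"
done
```
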

Re: Symlink Vulnerability in GNU libtool <1.5.2 Feb 04 2004 05:01AM
jsm polyomino org uk
Re: Symlink Vulnerability in GNU libtool <1.5.2 Feb 03 2004 11:21AM
Stefan Nordhausen (deletethis nordhaus informatik hu-berlin de)
Re: Symlink Vulnerability in GNU libtool <1.5.2 Feb 03 2004 09:47AM
Joseph S. Myers (jsm polyomino org uk) (2 replies)
Re: Symlink Vulnerability in GNU libtool <1.5.2 Feb 04 2004 07:10PM
Stefan Nordhausen (deletethis nordhaus informatik hu-berlin de)
Re: Symlink Vulnerability in GNU libtool <1.5.2 Feb 03 2004 08:33PM
Scott James Remnant (scott netsplit com)


 

Copyright 2010, SecurityFocus