EKG Insecure Temporary File Creation Vulnerability

ekg creates temporary files in an insecure manner. An attacker will local access could potentially exploit this issue to overwrite files in the context of the application.

Exploitation would most likely result in loss of data or a denial of service if critical files are overwritten in the attack. There is also an unconfirmed potential for privilege escalation if the attacker can write custom data in the attack.


 

Privacy Statement
Copyright 2010, SecurityFocus