• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

EKG Insecure Temporary File Creation Vulnerability

ekg is reported prone to an unspecified insecure temporary file creation vulnerability. This issue is likely due to a design error that causes the application to fail to verify the existence of a file before writing to it.

The details available regarding this issue are not sufficient to provide an in depth technical description. This BID will be updated when more information becomes available.

An attacker may leverage this issue to overwrite arbitrary files with the privileges of an unsuspecting user that activates the vulnerable application.