• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

StoreBackup Insecure Temporary File Creation Vulnerability

storeBackup creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to view files and obtain privileged information. The attacker may also perform symlink attacks, overwriting arbitrary files in the context of the affected application.

Exploitation would most likely result in loss of confidentiality and theft of privileged information. Successful exploitation of a symlink attack may allow an attacker to overwrite sensitive configuration files. This may result in a denial of service; other attacks may also be possible.