Tripwire Insecure Temporary File Symbolic Link Vulnerability

Tripwire is an open source host-based intrusion detection system actively maintained by the Tripwire Development Team.

Tripwire insecurely creates files using the mktemp() system call, and does not check for the existence of the file prior to attempting to create it.

This makes it possible for a local user to launch a symbolic link attack. As a result, a malicious local user may be able to overwrite system files, creating a denial of service, or potentially gain elevated privileges.


Privacy Statement
Copyright 2010, SecurityFocus