AllCommerce Symlink Vulnerability

AllCommerce is free, open-source e-commerce application. It ships with EnGarde Secure Linux.

AllCommerce shipped with EnGarde has debug mode enabled by default. When in debug mode, AllCommerce creates files in the /tmp directory insecurely. It does not check if the files already exist and furthermore the files are created with predictable names. Due to these problems, it is possible to execute symlink attacks against the host.

Files that are attacked in this manner will be corrupted. Loss of data, denial of services, or privilege escalations can all occur as a result of this. The attacker would have to be local to exploit this vulnerability.


 

Privacy Statement
Copyright 2010, SecurityFocus