• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

mhc-utils Insecure Temporary File Creation Vulnerability

A vulnerability has been reported for the adb2mhc utility included with mhc-utils. adb2mhc may create temporary files in an insecure manner. It is likely that this vulnerability may be related to creating temporary files with predictable names.

By anticipating the names used to create temporary files used by adb2mhc, it may be possible for a local attacker to corrupt or modify data as another user.