Matt Welsh sgmltool Symlink Vulnerability

sgmltool is a suite of programs used in processing and coverting SGML files to other formats.

An sgmltool component makes insecure use of temporary files.

If an attacker can determine the name of the temporary file prior to its creation, a symbolic link could be created pointing to a target file for which the sgmltool process owner has write permissions.

In this event, sgmltool will overwrite the contents of the target file with its own output.


Privacy Statement
Copyright 2010, SecurityFocus