Wednesday, July 06, 2005

[UNIX] ekg Insecure Temporary Files Creation Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com

ekg Insecure Temporary Files Creation Vulnerability
------------------------------------------------------------------------

SUMMARY

<http://dev.null.pl/ekg> ekg is "a Gadu-Gadu client". ekg creates
temporary files in an insecure way, allowing local attackers to gain
elevated privileges via a symlink attack.

DETAILS

Vulnerable Systems:
* ekg versions released before 2005-06-05

The vulnerability is caused by temporary files being created insecurely.
This can be exploited via a symlink attack to create and/or overwrite
arbitrary files with the privileges of the user running the affected
script.

Vulnerable code:
In contrib/scripts/linki.py

    import os
    import ekg  # module provided by ekg's embedded Python interpreter

    def czyjest ():
        # Fixed, predictable name in world-writable /tmp: the file is
        # checked and then opened by path, with no ownership or symlink test.
        if os.path.exists('/tmp/rmrmg_ekg_url'):
            wejsc= open ('/tmp/rmrmg_ekg_url')
            file = wejsc.readlines()
            dlug=len(file)
            wejsc.close()
            #ekg.printf("generic", "liczno %d" %(dlug))
            return file
        else:
            return 0

Then, in the key handler (wielejest() is defined elsewhere in linki.py and
is not shown in the advisory):

    def handle_keypress(meta, key):
        if key == 269:
            # F5: open the first stored URL in a new tab
            ekg.printf("generic", "wci nieto F5")
            nurl=czyjest()
            if nurl == 0:
                ekg.printf("generic", "nie ma zadnego adresu URL")
            else:
                dlug=len(nurl)
                if dlug == 1:
                    ekg.printf("generic", "otwieram %s w nowej zak adce" %(nurl[0]))
                    os.system("MozillaFirebird -remote 'openURL(%s,new-tab)'" %(nurl[0]))
                    # the same fixed /tmp path is removed through a shell command
                    os.system('rm /tmp/rmrmg_ekg_url')
                else:
                    ekg.printf("generic", "link w mam %d" %(dlug))
                    wielejest(nurl)
                    ekg.printf("generic", "otwieram %s w nowej zak adce" %(nurl[0]))
                    os.system("MozillaFirebird -remote 'openURL(%s, new-tab)'" %(nurl[0]))
        elif key == 270:
            # F6: delete the first stored URL
            ekg.printf("generic", "wcisni to F6")
            nurl=czyjest()
            if nurl == 0:
                ekg.printf("generic", "nic nie moge skasowa - nie mazadnego adresu URL")
            else:
                dlug=len(nurl)
                if dlug == 1:
                    ekg.printf("generic", "kasuje adres %s" %(nurl[0]))
                    os.system('rm /tmp/rmrmg_ekg_url')
                else:
                    ekg.printf("generic", "jest wiele link w")
                    wielejest(nurl)
                    ekg.printf("generic", "kasuje pierwszy czyli: %s"%(nurl[0]))
        elif key == 271:
            # F7: open the first stored URL in a new window
            ekg.printf("generic", "wcisni to F7")
            nurl=czyjest()
            if nurl == 0:
                ekg.printf("generic", "nie ma zadnego adresu URL")
            else:
                dlug=len(nurl)
                if dlug == 1:
                    ekg.printf("generic", "otwieram %s w nowym oknie"%(nurl[0]))
                    os.system("MozillaFirebird %s" %(nurl[0]))
                    os.system('rm /tmp/rmrmg_ekg_url')
                else:
                    ekg.printf("generic", "link w mam %d" %(dlug))
                    wielejest(nurl)
                    ekg.printf("generic", "otwieram %s w nowym oknie"%(nurl[0]))
        elif key == 272:
            # F8: print the key help and list every stored URL
            ekg.printf("generic", "wcisni to F8")
            nurl=czyjest()
            ekg.printf("generic", "F5 - otwiera w nowej zak adce; F7 wnowym oknie, a F6 kasuje, wszystko tyczy si pierwszej po zycji zlisty")
            if nurl == 0:
                ekg.printf("generic", "nie ma zadnego adresu URL")
            else:
                dlug=len(nurl)
                ekg.printf("generic", "link w mam %d oto one:" %(dlug))
                for po in nurl:
                    ekg.printf("generic", "%s" %(po))
        return 1
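
A hardened counterpart to czyjest() and the os.system('rm /tmp/rmrmg_ekg_url') calls, as an added example (not code from ekg or from the advisory): the URL list lives in a private 0700 directory instead of a fixed name in world-writable /tmp, every open refuses symlinks, and the type and owner of the opened file are verified. The directory layout and the names url_store, append_url, read_urls and clear_urls are assumptions made for illustration.

```python
import errno
import os
import stat

def _open_checked(path, flags):
    """Open path without following a symlink, then verify what was opened."""
    fd = os.open(path, flags | os.O_NOFOLLOW, 0o600)
    try:
        st = os.fstat(fd)  # inspect the opened descriptor, not the path
        if not stat.S_ISREG(st.st_mode):
            raise OSError(errno.EPERM, "not a regular file", path)
        if st.st_uid != os.geteuid() or st.st_nlink != 1:
            raise OSError(errno.EPERM, "unexpected owner or hard link", path)
    except Exception:
        os.close(fd)
        raise
    return fd

def url_store(base_dir):
    """Return the URL list path inside a private directory (hypothetical layout)."""
    d = os.path.join(base_dir, "ekg-linki")
    os.makedirs(d, mode=0o700, exist_ok=True)
    st = os.lstat(d)  # lstat: a symlink planted at d is rejected below
    if (not stat.S_ISDIR(st.st_mode) or st.st_uid != os.geteuid()
            or st.st_mode & 0o077):
        raise OSError(errno.EPERM, "store directory is not private", d)
    return os.path.join(d, "urls")

def append_url(path, url):
    """Add one URL; creates the list with mode 0600 if it does not exist."""
    fd = _open_checked(path, os.O_WRONLY | os.O_CREAT | os.O_APPEND)
    with os.fdopen(fd, "w") as fh:
        fh.write(url.strip() + "\n")

def read_urls(path):
    """Counterpart of czyjest(): the stored URLs, or [] when there are none."""
    try:
        fd = _open_checked(path, os.O_RDONLY)
    except FileNotFoundError:
        return []
    with os.fdopen(fd) as fh:
        return [line.rstrip("\n") for line in fh]

def clear_urls(path):
    """Replaces os.system('rm ...'): unlink removes the name, never a link target."""
    try:
        os.unlink(path)
    except FileNotFoundError:
        pass
```

A caller would pass a directory only the user can write to as base_dir, for example the user's home directory.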

CVE Information:
<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1916> CAN-2005-1916

ADDITIONAL INFORMATION

The information has been provided by <mailto:exploits@zataz.net> ZATAZ
Audits.
The original article can be found at:
<http://www.zataz.net/adviso/ekg-06062005.txt>
The original article can be found at:
<http://bugs.gentoo.org/show_bug.cgi?id=94172>
