oss-sec mailing list archives
wafp insecure temporary directory
From: Henri Salo <henri () nerv fi>
Date: Tue, 27 Apr 2010 18:41:22 +0300
Wafp creates a temporary directory to predictable path and name. This allows a local attacker to create a denial of service condition and discloses sensitive information to unprivileged users. This also reduces usability of this software, because one can't run more than one wafp- instances at the same time. This issue can also be leveraged to delete arbitrary files or directories via a symlink attack. I notified the project: http://code.google.com/p/webapplicationfingerprinter/issues/detail?id=8 Can I get CVE-identifier for this issue? --- Henri Salo
Current thread:
- wafp insecure temporary directory Henri Salo (Apr 27)
- Re: wafp insecure temporary directory Josh Bressers (Apr 27)