oss-sec mailing list archives
Re: wafp insecure temporary directory
From: Josh Bressers <bressers () redhat com>
Date: Tue, 27 Apr 2010 20:13:37 -0400 (EDT)
----- "Henri Salo" <henri () nerv fi> wrote:
> Wafp creates a temporary directory at a predictable path and name. This allows a local attacker to create a denial of service condition and discloses sensitive information to unprivileged users. This also reduces the usability of this software, because one can't run more than one wafp instance at the same time. This issue can also be leveraged to delete arbitrary files or directories via a symlink attack.
>
> I notified the project: http://code.google.com/p/webapplicationfingerprinter/issues/detail?id=8
>
> Can I get a CVE identifier for this issue?
Please use CVE-2010-1438.

Thanks.

--
JB
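The weakness reported in this thread, shown beside a hardened form, as an added example that is not part of the original messages and not wafp's own code. Ruby is an assumption here, as are the directory name `wafp_tmp` and all helper names, which are hypothetical.

```ruby
require 'tmpdir'
require 'fileutils'

# Weak pattern: a fixed name under a shared temp directory. Anyone who can
# write to `base` can create this path first. ('wafp_tmp' is a constructed name.)
def predictable_workdir(base)
  File.join(base, 'wafp_tmp')
end

# Hardened pattern: Dir.mktmpdir picks an unpredictable name and creates the
# directory with mode 0700, so parallel runs never share a path.
def private_workdir(base = Dir.tmpdir)
  Dir.mktmpdir('wafp-', base)
end

# Check to run before writing into or deleting a work directory.
# lstat does not follow symlinks, so a link sitting at the path is rejected,
# as is a directory owned by someone else or open to group/other.
def safe_workdir?(path)
  st = File.lstat(path)
  st.directory? && st.uid == Process.euid && (st.mode & 0o077).zero?
rescue Errno::ENOENT
  false
end

# Remove only directories that pass the check; remove_entry_secure guards
# against the tree being swapped out while it is being deleted.
def cleanup_workdir(path)
  return false unless safe_workdir?(path)
  FileUtils.remove_entry_secure(path)
  true
end

if __FILE__ == $PROGRAM_NAME
  Dir.mktmpdir('demo-') do |base|            # private sandbox standing in for /tmp
    elsewhere = File.join(base, 'unrelated_data')
    Dir.mkdir(elsewhere)
    # Constructed pre-existing entry at the fixed path, to exercise the check.
    File.symlink(elsewhere, predictable_workdir(base))
    puts "fixed path passes check? #{safe_workdir?(predictable_workdir(base))}"
    a = private_workdir(base)
    b = private_workdir(base)
    puts "two runs, distinct dirs? #{a != b}; both pass? #{safe_workdir?(a) && safe_workdir?(b)}"
    [a, b].each { |d| cleanup_workdir(d) }
  end
end
```
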