Vulnerability discovered by Eric Romang the 2005-05-22
Vendor notified the 2005-05-22
Vulnerability disclosure the 2005-06-06
Affected version(s) :
LutelWall before or equal to 0.97
A vulnerability exists in a portion of LutelWall that looks for new versions. This vulnerability creates a temporary file with insecure permissions that, with creative use of symlinks, would allow an attacker to overwrite or create files with the privileges of the user that runs the update script. Because the update script is run as root, this could give the attacker the ability to create or overwrite nearly any file on the system.