ID CVE-2004-0107
Summary The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:sysstat:4.0.7-3:-:i386
    cpe:2.3:a:redhat:sysstat:4.0.7-3:-:i386
  • SGI ProPack 2.3
    cpe:2.3:a:sgi:propack:2.3
  • SGI ProPack 2.4
    cpe:2.3:a:sgi:propack:2.4
  • cpe:2.3:a:sysstat:sysstat:4.0.7
    cpe:2.3:a:sysstat:sysstat:4.0.7
  • cpe:2.3:a:sysstat:sysstat:4.1.1
    cpe:2.3:a:sysstat:sysstat:4.1.1
  • cpe:2.3:a:sysstat:sysstat:4.1.2
    cpe:2.3:a:sysstat:sysstat:4.1.2
  • cpe:2.3:a:sysstat:sysstat:4.1.3
    cpe:2.3:a:sysstat:sysstat:4.1.3
  • cpe:2.3:a:sysstat:sysstat:4.1.4
    cpe:2.3:a:sysstat:sysstat:4.1.4
  • cpe:2.3:a:sysstat:sysstat:4.1.5
    cpe:2.3:a:sysstat:sysstat:4.1.5
  • cpe:2.3:a:sysstat:sysstat:4.1.6
    cpe:2.3:a:sysstat:sysstat:4.1.6
  • cpe:2.3:a:sysstat:sysstat:4.1.7
    cpe:2.3:a:sysstat:sysstat:4.1.7
  • cpe:2.3:a:sysstat:sysstat:5.0.1
    cpe:2.3:a:sysstat:sysstat:5.0.1
CVSS
Base: 4.6 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200404-04.NASL
    description The remote host is affected by the vulnerability described in GLSA-200404-04 (Multiple vulnerabilities in sysstat) There are two vulnerabilities in the way sysstat handles symlinks: The isag utility, which displays sysstat data in a graphical format, creates a temporary file in an insecure manner. Two scripts in the sysstat package, post and trigger, create temporary files in an insecure manner. Impact : Both vulnerabilities may allow an attacker to overwrite arbitrary files under the permissions of the user executing any of the affected utilities. Workaround : A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.
    last seen 2019-02-21
    modified 2015-04-13
    plugin id 14469
    published 2004-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14469
    title GLSA-200404-04 : Multiple vulnerabilities in sysstat
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-053.NASL
    description Updated sysstat packages that fix various bugs and security issues are now available. Sysstat is a tool for gathering system statistics. Isag is a utility for graphically displaying these statistics. A bug was found in the Red Hat sysstat package post and trigger scripts, which used insecure temporary file names. A local attacker could overwrite system files using carefully-crafted symbolic links in the /tmp directory. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0107 to this issue. While fixing this issue, a flaw was discovered in the isag utility, which also used insecure temporary file names. A local attacker could overwrite files that the user running isag has write access to using carefully-crafted symbolic links in the /tmp directory. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0108 to this issue. Other issues addressed in this advisory include : * iostat -x should return all partitions on the system (up to a maximum of 1024) * sar should handle network device names with more than 8 characters properly * mpstat should work correctly with more than 7 CPUs as well as generate correct statistics when accessing individual CPUs. This issue only affected Red Hat Enterprise Linux 2.1 * The sysstat package was not built with the proper dependencies; therefore, it was possible that isag could not be run because the necessary tools were not available. Therefore, isag was split off into its own subpackage with the required dependencies in place. This issue only affects Red Hat Enterprise Linux 2.1. Users of sysstat and isag should upgrade to these updated packages, which contain patches to correct these issues. NOTE: In order to use isag on Red Hat Enterprise Linux 2.1, you must install the sysstat-isag package after upgrading.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12462
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12462
    title RHEL 2.1 / 3 : sysstat (RHSA-2004:053)
oval via4
  • accepted 2013-04-29T04:08:14.244-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
    family unix
    id oval:org.mitre.oval:def:10737
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
    version 23
  • accepted 2007-04-25T19:53:00.342-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
    family unix
    id oval:org.mitre.oval:def:849
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat sysstat port and trigger Scripts symlink Attack Vulnerability
    version 34
  • accepted 2007-04-25T19:53:03.313-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Matt Busby
      organization The MITRE Corporation
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
    family unix
    id oval:org.mitre.oval:def:862
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat Enterprise 3 sysstat port and trigger Scripts symlink Attack Vulnerability
    version 34
redhat via4
advisories
  • rhsa
    id RHSA-2004:053
  • rhsa
    id RHSA-2004:093
refmap via4
bid 9838
ciac O-097
osvdb 6884
sgi 20040302-01-U
xf sysstat-post-trigger-symlink(15428)
Last major update 21-08-2010 - 00:19
Published 15-04-2004 - 00:00
Last modified 10-10-2017 - 21:29
Back to Top