• IDP Daily Update #1312
  posted: 11/18/08
  
• NSM Daily Update #1312
  posted: 11/18/08
  
• Deep Inspection 5.3r5 and above, 5.4, 6.0 #1312
  posted: 11/18/08
  
• Deep Inspection 5.1, 5.2, 5.3r4 and below #1300
  posted: 11/18/08
  
• Deep Inspection 5.0 #1132
  posted: 04/01/08
  
• Antivirus
  posted: 11/17/08

Text Size:        

• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: APTonCD Insecure Temporary File Creation Vulnerability

Severity: LOW

Description:

APTonCD is a tool for creating a removable repository of packages obtained with APT-GET.

APTonCD creates temporary files in an insecure manner.

The issue occurs because the '/usr/share/aptoncd/xmlfile.py' script creates files in an insecure manner. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

APTonCD 0.1 is vulnerable; other versions may also be affected.

Affected Products:

• APTonCD APTonCD 0.1
• Debian Linux 4.0
• Debian Linux 4.0 alpha
• Debian Linux 4.0 amd64
• Debian Linux 4.0 arm
• Debian Linux 4.0 hppa
• Debian Linux 4.0 ia-32
• Debian Linux 4.0 ia-64
• Debian Linux 4.0 m68k
• Debian Linux 4.0 mips
• Debian Linux 4.0 mipsel
• Debian Linux 4.0 powerpc
• Debian Linux 4.0 s/390
• Debian Linux 4.0 sparc

References:

• APTonCD: APTonCD Homepage
• Dmitry E. Oboukhov: Debian Bug report logs - #496390
• Dmitry E. Oboukhov: Insecure tmp files in Debian packages