mailing list archives
CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Wed, 07 Sep 2011 14:13:45 +0200
Hello Josh, Steve, vendors,
it was reported that the scanner module for the Open Vulnerability
Assessment System (OpenVAS) used insecure way for creation of a
temporary file, when generating OVAL system characteristics document
from the knowledge base data available, with the ovaldi integrated tool
enabled. A local attacker could use this flaw to conduct symlink
attacks to overwrite arbitrary files on the system, accessible with the
privileges of the user running the SLAD daemon and / or the ovaldi OVAL
Could you allocate a CVE id for this?
Thank you && Regards, Jan.
Jan iankko Lieskovsky / Red Hat Security Response Team
- CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Jan Lieskovsky (Sep 07)