Local File Overwrite Vulnerability in Linux Security Auditing Tool by Gentoo
CVE-2007-1500

Currently unrated

Key Information:

Vendor: Gentoo
Status: Linux
Vendor: CVE Published:; 19 March 2007

What is CVE-2007-1500?

The Linux Security Auditing Tool (LSAT) is susceptible to a local file overwrite vulnerability that arises from improper handling of temporary files through symlink attacks. This flaw allows local users to potentially overwrite arbitrary files, thereby compromising system integrity and security. An attacker can exploit this vulnerability by creating a symlink to a critical file within the temporary directory, leading to unauthorized modification and potential data loss. Users should remediate this issue by updating to the latest version of LSAT and implementing appropriate file permissions.

References

http://secunia.com/advisories/24526

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/23014

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/33057

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 19, 2007
Vulnerability Reserved
Mar 19, 2007