Bug 95900 (CVE-2005-0990)

Summary: VUL-0: CVE-2005-0990: sharutils tmp race
Product: [Novell Products] SUSE Security Incidents Reporter: Ludwig Nussel <lnussel>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None    
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: All   
Whiteboard: CVE-2005-0990: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Ludwig Nussel 2005-07-11 07:18:47 UTC
We received the following report via full-disclosure.
The issue is public.

Just to get the CAN into bugzilla. Fixed for 10.0 already du to upstream fix.

               Fedora Legacy Update Advisory

Synopsis:          Updated sharutils package fixes security issue
Advisory ID:       FLSA:154991
Issue date:        2005-07-10
Product:           Red Hat Linux, Fedora Core
Keywords:          Bugfix
CVE Names:         CAN-2005-0990

1. Topic:

Updated packages for sharutils which fix a security vulnerability are
now available.

The sharutils package contains a set of tools for encoding and decoding
packages of files in binary or text format.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386
Fedora Core 2 - i386

3. Problem description:

A bug was found in the way unshar creates temporary files. A local user
could use symlinks to overwrite arbitrary files the victim running
unshar has write access to. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2005-0990 to this

All users of sharutils should upgrade to these packages, which resolve
this issue.
Comment 1 Ludwig Nussel 2005-07-11 07:19:49 UTC
Comment 2 Thomas Biege 2009-10-13 21:32:33 UTC
CVE-2005-0990: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)