Bug 97193 (CVE-2005-2231)

Summary: VUL-0: CVE-2005-2231: heartbeat insecure temporary files
Product: [Novell Products] SUSE Security Incidents
Reporter: Ludwig Nussel <lnussel>
Component: Incidents
Assignee: Lars Marowsky-Bree <lmb>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P5 - None
CC: security-team
Version: unspecified
Target Milestone: ---
Hardware: Other
OS: All
Whiteboard: CVE-2005-2231: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Ludwig Nussel 2005-07-19 08:30:18 UTC
We received the following report via full-disclosure.
The issue is public.
The CAN number links to http://secunia.com/advisories/16039

To determine whether this needs to be patched in released products we need to know whether those insecure tmp files are created at predictable times, e.g. by automatically running scripts, or only interactively.

Do you know whether the fixes went upstream?

Date: Tue, 19 Jul 2005 07:59:53 +0200 (CEST)
From: Martin Schulze <joey@infodrom.org>
To: Debian Security Announcements <debian-security-announce@lists.debian.org>
Cc: 
Subject: [Full-disclosure] [SECURITY] [DSA 761-1] New heartbeat packages fix
	insecure temporary files
User-Agent: dsa-launch $Revision: 1.18 $
Resent-From: list@murphy.debian.org (Mailing List Manager)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 761-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
July 19th, 2005                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : heartbeat
Vulnerability  : insecure temporary files
Problem-Type   : local
Debian-specific: no
CVE ID         : CAN-2005-2231

Eric Romang discovered several insecure temporary file creations in
heartbeat, the subsystem for High-Availability Linux.

[...]
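As an added illustration of the vulnerability class DSA 761-1 describes (this is not heartbeat's code and not part of the bug report): a shell script that writes to a predictable name under a shared temporary directory can be redirected by a local user who plants a symlink there first, while the same script using mktemp(1) cannot. The scratch directory, the `hb-test.*` names and the `victim` file are constructed for the demonstration; the window the description asks about is the one between the attacker planting the link and the script's redirection, which is why it matters whether the files are created at predictable times.

```shell
#!/bin/sh
# Added illustration of the CVE-2005-2231 vulnerability class (insecure
# temporary files).  Not heartbeat's code: names, paths and the "victim"
# file are constructed for the demo.  Everything happens in a private
# scratch directory that stands in for a world-writable /tmp.
SCRATCH=$(mktemp -d) || exit 1
trap 'rm -rf "$SCRATCH"' EXIT
TMP="$SCRATCH/tmp"                 # plays the role of /tmp
VICTIM="$SCRATCH/victim"           # a file the attacker wants overwritten
mkdir -p "$TMP"
echo "original content" > "$VICTIM"

# Vulnerable pattern: fixed prefix plus PID.  PIDs are small and, for a
# script started at a known time (cron, or a test harness an admin is known
# to run), guessable.  The redirection opens with O_CREAT|O_TRUNC and
# follows whatever is already at that path, including a symlink.
insecure_write() {
    f="$TMP/hb-test.$$"
    echo "$1" > "$f"
    printf '%s\n' "$f"
}

# Hardened pattern: mktemp(1) creates the file itself with O_CREAT|O_EXCL
# and mode 0600 under a random suffix.  A pre-planted symlink at the chosen
# name makes creation fail rather than being followed, and the attacker has
# no name to plant in the first place.
safe_write() {
    f=$(mktemp "$TMP/hb-test.XXXXXX") || return 1
    echo "$1" > "$f"
    printf '%s\n' "$f"
}

# Attacker's move: predict the insecure name and point it at the victim.
ln -s "$VICTIM" "$TMP/hb-test.$$"

# Victim's move: the script runs and writes "its" temp file both ways.
insecure_write "attacker-controlled data" > /dev/null
safe_out=$(safe_write "harness data") || exit 1

# Checks.  victim_clobbered succeeds when the insecure write went through
# the symlink; safe_is_private succeeds when the mktemp file is a regular
# file (not a link) with mode 0600 and holds exactly what was written.
victim_clobbered() { [ "$(cat "$VICTIM")" = "attacker-controlled data" ]; }
safe_is_private() {
    [ -f "$safe_out" ] && [ ! -L "$safe_out" ] &&
    [ "$(ls -l "$safe_out" | cut -c1-10)" = "-rw-------" ] &&
    [ "$(cat "$safe_out")" = "harness data" ]
}

if victim_clobbered; then echo "insecure pattern: victim overwritten via symlink"; fi
if safe_is_private;  then echo "mktemp pattern: private regular file created"; fi
```

The demo uses its own scratch directory rather than the real /tmp so it can be run as an unprivileged user without side effects; on a real system the attacker and victim would be different users sharing a sticky, world-writable directory, and the attacker's only requirement is to guess the name before the script opens it.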
Comment 1 Lars Marowsky-Bree 2005-07-19 13:12:52 UTC
They are only created interactively when the test harness is run, which is not a
common operation.

The fixes have been submitted upstream and will likely be merged quickly, and
I'll prepare updated packages soon. Can't say whether I can manage to do so
during Kernel Summit / OLS yet, though.
Comment 2 Ludwig Nussel 2005-07-19 13:14:26 UTC
Well, in this case there is no need to release security updates. Fix for 10.0 is sufficient.
Comment 3 Ludwig Nussel 2005-09-07 09:46:13 UTC
Is it fixed in 10.0?
Comment 4 Lars Marowsky-Bree 2005-09-07 10:22:59 UTC
Yes, it's fixed in STABLE.
Comment 5 Thomas Biege 2009-10-13 21:34:12 UTC
CVE-2005-2231: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)