blob: ef3ab947cf926e1cf426b32fa1bfa6e4f346a348 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200508-05">
<title>Heartbeat: Insecure temporary file creation</title>
Heartbeat is vulnerable to symlink attacks, potentially allowing a local
user to overwrite arbitrary files.
<product type="ebuild">Heartbeat</product>
<announced>August 07, 2005</announced>
<revised>August 07, 2005: 01</revised>
<package name="sys-cluster/heartbeat" auto="yes" arch="*">
<unaffected range="ge">1.2.3-r1</unaffected>
<vulnerable range="lt">1.2.3-r1</vulnerable>
Heartbeat is a component of the High-Availability Linux project.
It it used to perform death-of-node detection, communications and
cluster management.
Eric Romang has discovered that Heartbeat insecurely creates
temporary files with predictable filenames.
<impact type="normal">
A local attacker could create symbolic links in the temporary file
directory, pointing to a valid file somewhere on the filesystem. When a
vulnerable script is executed, this could lead to the file being
overwritten with the rights of the user running the affected
There is no known workaround at this time.
All Heartbeat users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=sys-cluster/heartbeat-1.2.3-r1&quot;</code>
<uri link="">CAN-2005-2231</uri>
<metadata tag="requester" timestamp="Fri, 05 Aug 2005 07:37:14 +0000">
<metadata tag="submitter" timestamp="Fri, 05 Aug 2005 14:33:59 +0000">
<metadata tag="bugReady" timestamp="Fri, 05 Aug 2005 14:54:26 +0000">