News
Vigil@nce - as31: file corruption
January 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can create a symbolic link during the usage of as31, in order to corrupt a file with user’s privileges.
Severity: 1/4
Creation date: 25/01/2012
IMPACTED PRODUCTS - Unix - plateform
DESCRIPTION OF THE VULNERABILITY
The as31 program compiles assembler code for Intel MCS-51 (8051) micro-controllers.
During the compilation, as31 creates a temporary file. However:
this filename can be predicted
the file is located in a publicly writable directory
as31 does not forbid the usage of a symbolic link
A local attacker can therefore create a symbolic link during the usage of as31, in order to corrupt a file with user’s privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
