Date: Tue, 27 Oct 2015 10:44:49 +0100
From: Michael Scherer <misc@...b.org>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request - open-vm-tools using predictable filename in /tmp

On Mon, Oct 26, 2015 at 07:51:17PM +0100, Florian Weimer wrote:
> On 10/26/2015 07:23 PM, Michael Scherer wrote:
> 
> > It seems that vm-support, from open-vm-tools, uses /tmp to
> > store output of diagnostic software.
> > 
> > See 
> > https://github.com/vmware/open-vm-tools/blob/master/open-vm-tools/scripts/common/vm-support#L200
> > 
> > Can a CVE be assigned?
> 
> I don't think this is a vulnerability anymore because runcmd prepends
> $OUTPUT_DIR to the path.

Damn, indeed, should have spent more time looking at the bash code :(
-- 
Michael Scherer
