Link following in products

#VU33127 Link following in products

Published: 2011-11-04 | Updated: 2020-08-03

Vulnerability identifier: #VU33127

Vulnerability risk: Low

CVSSv3.1: 6.7 [CVSS:3.1/CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2011-3616

CWE-ID: CWE-59

Exploitation vector: Local

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to #BASIC_IMPACT#.

The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf.

Mitigation
Install update from vendor's website.

External links
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612033
http://secunia.com/advisories/43225
http://secunia.com/advisories/46353
http://www.gentoo.org/security/en/glsa/glsa-201110-09.xml
http://www.openwall.com/lists/oss-security/2011/10/09/4
http://www.openwall.com/lists/oss-security/2011/10/10/8
http://bugs.launchpad.net/ubuntu/+source/conky/+bug/607309

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Link following in conky (Alpine package)

Gentoo update for Conky