Vulnerability Note VU#417216

sort creates temporary files insecurely

Overview

The sort utility creates temporary files insecurely, making sort subject to a denial-of-service attack.

I. Description

The UNIX sort utility creates temporary files with predictable names. The creation is done in a manner to prevent information loss via a symlink attack, but existence of the file will cause sort to fail, as it aborts when the creation fails.

II. Impact

By crashing the sort utility, an intruder may be able to block the operation of system administration programs.

III. Solution

Apply vendor patches; see the Systems Affected section below.

Systems Affected

Vendor	Status	Date Updated
Apple Computer Inc.	Vulnerable	4-Oct-2001
BSDI	Unknown	14-Aug-2001
Data General	Unknown	14-Aug-2001
Debian	Unknown	24-Jul-2001
DEC	Unknown	14-Aug-2001
FreeBSD	Vulnerable	14-Aug-2001
FreeBSD	Vulnerable	12-Jun-2001
Fujitsu	Not Vulnerable	20-Jun-2001
Hewlett-Packard Company	Vulnerable	27-Jul-2001
IBM	Unknown	14-Aug-2001
NEC Corporation	Unknown	24-Jul-2001
NetBSD	Unknown	14-Aug-2001
NeXT	Unknown	14-Aug-2001
OpenBSD	Unknown	24-Jul-2001
Sequent	Unknown	24-Jul-2001
SGI	Vulnerable	29-May-2003
Siemens Nixdorf	Unknown	24-Jul-2001
Sony Corporation	Unknown	24-Jul-2001
Sun Microsystems Inc.	Not Vulnerable	27-Jul-2001
The SCO Group (SCO Linux)	Vulnerable	29-Jan-2002
The SCO Group (SCO UnixWare)	Vulnerable	29-May-2003
Unisys	Unknown	24-Jul-2001

References

http://www.linuxsecurity.com/advisories/freebsd_advisory-1111.html
http://www.securityfocus.com/bid/3960

Credit

This vulnerability was identified by FreeBSD.

This document was last modified by Tim Shimeall.

Other Information

Date Public	01/30/2001
Date First Published	08/20/2001 03:18:34 PM
Date Last Updated	05/29/2003
CERT Advisory
CVE-ID(s)	CVE-2001-0310
NVD-ID(s)	CVE-2001-0310
US-CERT Technical Alerts
Metric	0.84
Document Revision	13

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader