Overview
Due to insecure handling of temporary files, some versions of sshd, an encrypted connection program, can delete any file named "cookies" accessible via the computer running sshd.
Description
sshd is the server software used to support ssh, a popular encrypted connection program. Some versions of OpenSSH fail to handle temporary files in a secure fashion, allowing their removal during an ssh session. As a result, files named "cookies" on the server may be removed. Since sshd runs setuid root, ownership and protection of the "cookies" file will be disregarded.
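The description above notes that a removal performed with root privilege disregards the ownership and protection of the file. As an added example (not OpenSSH code and not the vendor patch), a privileged cleanup routine can verify both before unlinking; the function name `remove_session_cookies` and the policy it enforces are assumptions of this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Remove "<dir>/cookies" only if the directory and the file both belong to
 * session_uid. Returns 0 on removal, -1 on refusal or error.
 * Hypothetical helper: name and policy are assumptions of this example. */
int remove_session_cookies(const char *dir, uid_t session_uid)
{
    struct stat st;
    int rc = -1;

    /* O_NOFOLLOW: refuse if the final path component is a symlink. */
    int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (dfd < 0)
        return -1;

    /* The directory must be owned by the session user and must not be
     * writable by group or others. */
    if (fstat(dfd, &st) != 0 || st.st_uid != session_uid ||
        (st.st_mode & (S_IWGRP | S_IWOTH)))
        goto out;

    /* The entry must be a regular file owned by the same user; lstat
     * semantics, so a symlink named "cookies" is rejected. */
    if (fstatat(dfd, "cookies", &st, AT_SYMLINK_NOFOLLOW) != 0 ||
        !S_ISREG(st.st_mode) || st.st_uid != session_uid)
        goto out;

    /* Unlink relative to the verified directory descriptor, not by path,
     * so the directory cannot be swapped between check and removal. */
    if (unlinkat(dfd, "cookies", 0) == 0)
        rc = 0;
out:
    close(dfd);
    return rc;
}

int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s <session-dir>\n", argv[0]); return 2; }
    return remove_session_cookies(argv[1], getuid()) == 0 ? 0 : 1;
}
```

`O_NOFOLLOW` covers only the last path component, so the caller still has to pass a directory path whose parent components it trusts.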
Impact
Using this exploit, an attacker may cause loss of data, particularly web location data used in many web sites.
Solution
Apply vendor patches; see the Systems Affected section below.
Vendor Information
Acknowledgements
This vulnerability was initially reported on the Bugtraq discussion list.
This document was last modified by Tim Shimeall.
Other Information
CVE IDs: CVE-2001-0529
Severity Metric: 0.76
Date Public: 2001-06-12
Date First Published: 2001-08-21
Date Last Updated: 2001-11-15 16:59 UTC
Document Revision: 11