Overview
The /usr/libexec/vi.recover script in OpenBSD has a vulnerability that could allow an attacker to remove arbitrary zero-length files, including device nodes.
Description
The /usr/libexec/vi.recover script in OpenBSD cleans up vi temp files and informs a user via email if a recovery file exists for an aborted vi session. The vi.recover script is reported to contain an unspecified vulnerability that may allow the removal of arbitrary zero-length files, including device nodes. The vi.recover script in OpenBSD is a perl adaptation of a shell script from the nvi package, which is also reported to be vulnerable and may be present in other UNIX-based operating systems. |
Impact
An attacker may be able to remove arbitrary zero-length files. This could allow a local attacker to cause a local denial of service by removing devices or files that enable services. |
Solution
Obtain a patch for your system from one the following URLs. |
|
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
Thanks to Todd C. Miller for reporting this vulnerability.
This document was written by Shawn Van Ittersum.
Other Information
| CVE IDs: | None |
| Severity Metric: | 0.45 |
| Date Public: | 2001-01-15 |
| Date First Published: | 2002-09-16 |
| Date Last Updated: | 2003-09-18 20:02 UTC |
| Document Revision: | 14 |