CVE-2012-4454
First published: Mon Aug 15 2011(Updated: )
opencryptoki, when compiled with -DSPINXPL (as it is in Red Hat Enterprise Linux and Fedora), creates certain dot files in the /tmp directory, such as .pkapi_xpk and .pkcs11spinloc. These are not temporary files and are rather used for locking purposes. They are created in a way that allows symlink attacks. As files are opened RDWR, and not written to, they don't seem to allow file corruption as typical symlink attacks do. It is still possible to create new files at arbitrary locations (e.g. /etc/nologin) or make arbitrary file world writable (e.g. /etc/shadow) with the privileges of the user running pkcsslotd or an application using opencrpytoki library. Attacker does not need to be a member of the pkcs11 group, though symlinks would usually need to be created before the first use of the opencryptoki on the system.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Opencryptoki Project Opencryptoki | <=2.4 | |
| Opencryptoki Project Opencryptoki | =2.2.3 | |
| Opencryptoki Project Opencryptoki | =2.2.4 | |
| Opencryptoki Project Opencryptoki | =2.2.4.1 | |
| Opencryptoki Project Opencryptoki | =2.2.5 | |
| Opencryptoki Project Opencryptoki | =2.2.6 | |
| Opencryptoki Project Opencryptoki | =2.2.7 | |
| Opencryptoki Project Opencryptoki | =2.2.8 | |
| Opencryptoki Project Opencryptoki | =2.3.0 | |
| Opencryptoki Project Opencryptoki | =2.3.1 | |
| Opencryptoki Project Opencryptoki | =2.3.2 | |
| Opencryptoki Project Opencryptoki | =2.3.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki%3Ba=commitdiff%3Bh=58345488c9351d9be9a4be27c8b407c2706a33a9
- http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki%3Ba=commitdiff%3Bh=b7fcb3eb0319183348f1f4fb90ede4edd6487c30
- http://secunia.com/advisories/50702
- http://sourceforge.net/mailarchive/message.php?msg_id=28878345
- http://www.openwall.com/lists/oss-security/2012/09/07/2
- http://www.openwall.com/lists/oss-security/2012/09/07/6
- http://www.openwall.com/lists/oss-security/2012/09/09/2
- http://www.openwall.com/lists/oss-security/2012/09/20/6
- http://www.openwall.com/lists/oss-security/2012/09/25/5
- http://www.openwall.com/lists/oss-security/2012/09/27/2
- http://www.securityfocus.com/bid/55627
- https://bugzilla.redhat.com/show_bug.cgi?id=730636
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78797
- http://sourceforge.net/p/opencryptoki/opencryptoki/ci/58345488c9351d9be9a4be27c8b407c2706a33a9
- http://sourceforge.net/p/opencryptoki/opencryptoki/ci/b7fcb3eb0319183348f1f4fb90ede4edd6487c30
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=730636#c2
- http://sourceforge.net/p/opencryptoki/opencryptoki/ci/5834548
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=730636#c0
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=730635
- http://thread.gmane.org/gmane.comp.security.oss.general/8334
- https://access.redhat.com/security/cve/CVE-2012-4454
- http://thread.gmane.org/gmane.comp.security.oss.general/8334/focus=8509
- https://access.redhat.com/security/cve/CVE-2012-4455
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=730636#c6
- http://sourceforge.net/p/opencryptoki/opencryptoki/ci/8a63b3b17d34718d0f8c7525f93b5eb3c623076a
- https://rhn.redhat.com/errata/RHBA-2013-1592.html
- collector/redhat-bugzilla
- alias/CVE-2012-4454
- collector/nvd-index
- vendor/opencryptoki project
- canonical/opencryptoki project opencryptoki
- version/opencryptoki project opencryptoki/2.4
- version/opencryptoki project opencryptoki/2.2.3
- version/opencryptoki project opencryptoki/2.2.4
- version/opencryptoki project opencryptoki/2.2.4.1
- version/opencryptoki project opencryptoki/2.2.5
- version/opencryptoki project opencryptoki/2.2.6
- version/opencryptoki project opencryptoki/2.2.7
- version/opencryptoki project opencryptoki/2.2.8
- version/opencryptoki project opencryptoki/2.3.0
- version/opencryptoki project opencryptoki/2.3.1
- version/opencryptoki project opencryptoki/2.3.2
- version/opencryptoki project opencryptoki/2.3.3