USN-100-1: cdrecord vulnerability
24 March 2005
cdrecord vulnerability
Releases
Details
Javier Fernández-Sanguino Peña noticed that cdrecord created temporary
files in an insecure manner if DEBUG was enabled in
/etc/cdrecord/rscsi. If the default value was used (which stored the
debug output file in /tmp), this could allow a symbolic link attack to
create or overwrite arbitrary files with the privileges of the user
invoking cdrecord.
Please note that DEBUG is not enabled by default in Ubuntu, so if you
did not explicitly enable it, this does not affect you.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 4.10
-
cdrecord
-
In general, a standard system update will make all the necessary changes.