Rapid7 Vulnerability & Exploit Database

RHSA-2001:171: Updated SANE and XSane packages fix temporary file handling vulnerabilities


Severity: 2
CVSS: (AV:L/AC:L/Au:N/C:N/I:P/A:N)
Published: 12/11/2001
Created: 07/25/2018
Added: 10/28/2005
Modified: 07/04/2017

Description

Updated SANE and XSane packages are available, which fix insecure handling of temporary files.

XSane is an X-based interface providing access to scanners, digital cameras, and other capture devices. When XSane creates temporary files, it uses predictable filenames and opens them in a manner that follows symbolic links. This could allow a local user to overwrite files written by the user running XSane.

The SANE library that XSane uses has similar problems: when some SANE backend drivers created temporary files, they did so in a manner that would follow symbolic links. The default configuration had one of these dangerous backends enabled.

These packages prevent that kind of attack. They update XSane to version 0.82 and turn off the vulnerable backend in the default configuration.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2001-0887 and CAN-2001-0890 to these issues.
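The temporary-file pattern described above next to a hardened open, as an added example: this is not XSane or SANE code and not the actual fix shipped in these packages. The file names (`scan.tmp`, `victim`) and the scratch directory are constructed for the demonstration, which runs entirely inside a private directory it creates and removes.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak pattern from the advisory: fixed name, and open() follows a symlink
 * already sitting at that path, truncating whatever it points to. */
static int open_tmp_weak(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: O_EXCL refuses any pre-existing entry, symlinks included.
 * mkstemp() gives the same guarantee plus an unpredictable name. */
static int open_tmp_excl(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed scenario: "victim" holds 4 bytes and a symlink to it occupies
 * the predictable temp-file name. Returns the victim's size after the open
 * attempt (-1 on setup error); *fd_out gets the opener's return value. */
long victim_size_after(int hardened, int *fd_out) {
    char dir[] = "/tmp/symlink-demo-XXXXXX";
    char victim[64], pred[64];
    struct stat st;
    long size = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(pred, sizeof pred, "%s/scan.tmp", dir);
    int v = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (v >= 0 && write(v, "keep", 4) == 4 && symlink(victim, pred) == 0) {
        *fd_out = hardened ? open_tmp_excl(pred) : open_tmp_weak(pred);
        if (stat(victim, &st) == 0) size = (long)st.st_size;
        if (*fd_out >= 0) close(*fd_out);
    }
    if (v >= 0) close(v);
    unlink(pred); unlink(victim); rmdir(dir);
    return size;
}

int main(void) {
    int fd = -2;
    printf("weak open:     victim size %ld\n", victim_size_after(0, &fd));
    printf("hardened open: victim size %ld\n", victim_size_after(1, &fd));
    return 0;
}
```

With the weak open the victim file is truncated through the link; with `O_EXCL` the open fails and the file is left intact.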

Solution(s)

  • redhat-upgrade-sane
  • redhat-upgrade-sane-backends
  • redhat-upgrade-sane-backends-devel
  • redhat-upgrade-sane-devel
  • redhat-upgrade-xsane
  • redhat-upgrade-xsane-gimp
