exploits , vulnerabilities , articles , X.Org XFS Init Script Insecure Temporary File Creation Vulnerability

Title	X.Org XFS Init Script Insecure Temporary File Creation Vulnerability
Published	2007-07-12-12:00AM
Updated	2008-02-21-06:43PM
Class	Race Condition Error
CVE	CVE-2007-3103
Remote	No
Local	Yes
Credit	An anonymous reporter discovered this issue. This issue as disclosed in the referenced iDefense advisory.
Vulnerable	X.org xfs 1.0.2 X.org xfs 1.0.1 X.org X11R6 6.8.2 MandrakeSoft Linux Mandrake 10.2 x86_64 MandrakeSoft Linux Mandrake 10.2 Ubuntu Ubuntu Linux 5.0 4 powerpc Ubuntu Ubuntu Linux 5.0 4 i386 Ubuntu Ubuntu Linux 5.0 4 amd64 rPath rPath Linux 1 RedHat Fedora Core6 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux 5 server RedHat Desktop 4.0 Gentoo Linux Foresight Linux Foresight Linux 1.1 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia64 Debian Linux 4.0 ia32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Avaya Messaging Storage Server MSS 3.0
Not Vulnerable
Code	An attacker uses readily available commands to exploit the issue.The following exploit code is available: /data/vulnerabilities/exploits/24888.sh
TXT