Secunia Security Advisory - Cyrille Barthelemy has reported a vulnerability in Nessus, potentially allowing malicious users to escalate their privileges. The problem is caused by a race condition in nessus-adduser if the user has not specified the environment variable TMPDIR. This has been reported to affect version 2.0.11. Prior versions may also be affected.
TITLE:
Nessus "adduser" Race Condition Vulnerability
SECUNIA ADVISORY ID:
SA12127
VERIFY ADVISORY:
http://secunia.com/advisories/12127/
CRITICAL:
Less critical
IMPACT:
Privilege escalation
WHERE:
Local system
SOFTWARE:
Nessus 2.x
http://secunia.com/product/1397/
DESCRIPTION:
Cyrille Barthelemy has reported a vulnerability in Nessus,
potentially allowing malicious users to escalate their privileges.
The problem is caused by a race condition in "nessus-adduser" if the
user hasn't specified the environment variable "TMPDIR".
This has been reported to affect version 2.0.11. Prior versions may
also be affected.
SOLUTION:
This has been fixed in version 2.0.12.
http://www.nessus.org/nessus_2_0.html
PROVIDED AND/OR DISCOVERED BY:
Cyrille Barthelemy
ORIGINAL ADVISORY:
http://www.nessus.org/nessus_2_0.html
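The advisory does not say how "nessus-adduser" handles its temporary files. The following is an added example, not code from Nessus or Secunia: it assumes the usual form of this bug class, a predictable working path under a shared fallback directory (here /tmp) when TMPDIR is unset, and shows the racy naming beside an atomic `mktemp -d` replacement and a pre-use check. All function names and the `adduser.` prefix are hypothetical.

```shell
#!/bin/sh
# Added example, not nessus-adduser code. Assumption: the script falls back
# to a shared directory such as /tmp when TMPDIR is unset.

# Racy pattern: the name is guessable (PID) and lives in a shared directory.
# Between choosing this name and using it, another local user can pre-create
# the path or place a symlink there.
predictable_workdir_name() {
    base=${TMPDIR:-/tmp}
    printf '%s/adduser.%s\n' "$base" "$$"
}

# Hardened pattern: mktemp -d picks an unpredictable name and creates the
# directory atomically with mode 0700; it fails rather than reuse a path.
safe_workdir() {
    base=${TMPDIR:-/tmp}
    mktemp -d "$base/adduser.XXXXXXXXXX"
}

# Pre-use check: accept only a real directory (not a symlink), owned by the
# current user, with no group or other permissions.
path_is_private() {
    d=$1
    [ -d "$d" ] || return 1
    [ ! -L "$d" ] || return 1
    set -- $(ls -ldn -- "$d")        # $1 = mode string, $3 = numeric owner
    case $1 in
        drwx------*) ;;
        *) return 1 ;;
    esac
    [ "$3" = "$(id -u)" ]
}

# Demo: create a private working directory, verify it, remove it on exit.
work=$(safe_workdir) || exit 1
trap 'rm -rf "$work"' EXIT
path_is_private "$work" && echo "private workdir: $work"
```

Setting TMPDIR to a directory only the invoking user can write to removes the shared-directory precondition that the advisory ties the race to.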