Arbitrary File Write: cli
Affected versions of cli use predictable temporary file names. If an attacker can create a symbolic link at the location of one of these temporary file names, the attacker can arbitrarily write to any file that the user who owns the cli process has permission to write to.
Proof of Concept
When symbolic links are created at the following locations, the target of each link can be written to.
lock_file = '/tmp/' + cli.app + '.pid', log_file = '/tmp/' + cli.app + '.log';
Update to version 1.0.0 or later.
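For code that has to create its own lock or log files, the following added example (not part of the advisory, and not the fix shipped in cli 1.0.0) shows a hardened counterpart of the pattern above. The function names, the app name 'myapp' and the sandbox layout are assumptions made for illustration.

```javascript
const fs = require('fs');
const os = require('os');
const path = require('path');

// O_CREAT|O_EXCL fails with EEXIST if anything already exists at the path,
// including a symlink (even a dangling one), so a planted link is never
// followed. O_NOFOLLOW is a second guard where the platform defines it.
function openExclusive(file) {
  const { O_WRONLY, O_CREAT, O_EXCL, O_NOFOLLOW = 0 } = fs.constants;
  return fs.openSync(file, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0o600);
}

// Hardened counterpart of '/tmp/' + app + '.pid' and '.log': the files live
// in a directory with a random suffix that mkdtemp creates with mode 0700.
function createPrivateStateFiles(app) {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), app + '-'));
  const lockFile = path.join(dir, app + '.pid');
  const logFile = path.join(dir, app + '.log');
  const fd = openExclusive(lockFile);
  fs.writeSync(fd, String(process.pid));
  fs.closeSync(fd);
  fs.closeSync(openExclusive(logFile));
  return { dir, lockFile, logFile };
}

// Constructed check inside a private sandbox: a symlink already sits at the
// predictable name and points at another file in the same sandbox.
function checkSymlinkRefused() {
  const sandbox = fs.mkdtempSync(path.join(os.tmpdir(), 'advisory-demo-'));
  const target = path.join(sandbox, 'target.txt');
  const predictable = path.join(sandbox, 'myapp.pid');
  fs.writeFileSync(target, 'original');
  fs.symlinkSync(target, predictable);
  let refused = null;
  try {
    fs.closeSync(openExclusive(predictable));
  } catch (err) {
    refused = err.code;
  }
  const targetAfter = fs.readFileSync(target, 'utf8');
  fs.rmSync(sandbox, { recursive: true, force: true });
  return { refused, targetAfter };
}
```

A lock file that other processes must find at a well-known path cannot use a random directory; in that case keep the exclusive open and place the file in a directory that only the owning user can write to.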
Advisory published: Jun 15th, 2016
Initial report by Steve Kemp: Mar 28th, 2016