CVE-2010-4173

libsdp < 1.1.104 - Arbitrary File Write via Symlink Attack on /tmp/libsdp.log

Title source: llm

Description

The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file.

References (4)

Core 4

Core References

Patch mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2010/11/16/7

Patch x_refsource_confirm

http://www.openfabrics.org/downloads/libsdp/libsdp-1.1.105-0.4.g1b9b996.tar.gz

Patch mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2010/11/16/2

Patch x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=647941

Scores

EPSS 0.0030

EPSS Percentile 21.2%

Details

CWE

CWE-59

Status published

Products (6)

openfabrics/libsdp 1.1.99

openfabrics/libsdp 1.1.100

openfabrics/libsdp 1.1.101

openfabrics/libsdp 1.1.102

openfabrics/libsdp 1.1.103

openfabrics/libsdp < 1.1.104

Published Nov 22, 2010

Tracked Since Feb 18, 2026