Vulnerabilities > CVE-2008-1796 - Denial-Of-Service vulnerability in Comix 3.6.4

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
local
low complexity
redhat
comix
nessus

Summary

Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause an unspecified denial of service.

Vulnerable Configurations

Part Description Count
OS
Redhat
2
Application
Comix
1

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-2993.NASL
    descriptionSeveral security flaws are reported against comix 3.6.4. One issue is that comix uses os.popen() to execute external commands without handling filenames properly. This may allow malicios users to execute arbitrary commands by opening some files with crafted names. This issue is now identified as CVE-2008-1568. Another issue is that comix creates a directory under /tmp with the name easily predictable by any users. This will cause DOS attach for multiuser system. This new package will fix these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id31823
    published2008-04-11
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/31823
    titleFedora 7 : comix-3.6.4-6.fc7 (2008-2993)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-2981.NASL
    descriptionSeveral security flaws are reported against comix 3.6.4. One issue is that comix uses os.popen() to execute external commands without handling filenames properly. This may allow malicios users to execute arbitrary commands by opening some files with crafted names. This issue is now identified as CVE-2008-1568. Another issue is that comix creates a directory under /tmp with the name easily predictable by any users. This will cause DOS attach for multiuser system. This new package will fix these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id31821
    published2008-04-11
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/31821
    titleFedora 8 : comix-3.6.4-6.fc8 (2008-2981)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200804-29.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200804-29 (Comix: Multiple vulnerabilities) Comix does not properly sanitize filenames containing shell metacharacters when they are passed to the rar, unrar, or jpegtran programs (CVE-2008-1568). Comix also creates directories with predictable names (CVE-2008-1796). Impact : A remote attacker could exploit the first vulnerability by enticing a user to use Comix to open a file with a specially crafted filename, resulting in the execution of arbitrary commands. The second vulnerability could be exploited by a local attacker to cause a Denial of Service by creating a file or directory with the same filename as the predictable filename used by Comix. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id32075
    published2008-04-28
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/32075
    titleGLSA-200804-29 : Comix: Multiple vulnerabilities