CVE-2008-4946

Name of the Vulnerable Software and Affected Versions convirt version 0.8.2

Description The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set output temporary file. This is related to several provision.sh scripts in the image store/ directory, including template /provision.sh, Linux CD Install/provision.sh, Fedora PV Install/provision.sh, CentOS PV Install/provision.sh, common/provision.sh, example/provision.sh, and Windows CD Install/provision.sh.

Recommendations For convirt version 0.8.2, consider restricting access to the /tmp/set output temporary file to prevent symlink attacks until a patch is available. As a temporary workaround, avoid using the provision.sh scripts in the image store/ directory, specifically (1) template /provision.sh, (2) Linux CD Install/provision.sh, (3) Fedora PV Install/provision.sh, (4) CentOS PV Install/provision.sh, (5) common/provision.sh, (6) example/provision.sh, and (7) Windows CD Install/provision.sh, to minimize the risk of exploitation.