CVE-2010-1438

Name of the Vulnerable Software and Affected Versions Web Application Finger Printer (WAFP) versions 0.01 through 0.01-26c3

Description The issue allows local users to cause a denial of service by creating a file with a pathname that the product expects for its internal use. It also enables local users to overwrite arbitrary files via symlink attacks on certain files in /tmp. Additionally, it might allow local users to delete arbitrary files and directories via a symlink attack on a directory under /tmp, and make it easier to obtain sensitive information by reading files in a directory under /tmp. This is related to files such as lib/wafp pidify.rb, utils/generate wafp fingerprint.sh, utils/online update.sh, and utils/extract from db.sh.

Recommendations For Web Application Finger Printer (WAFP) versions 0.01 through 0.01-26c3, consider implementing a secure method for generating temporary file paths to prevent symlink attacks and denial of service. As a temporary workaround, restrict access to the /tmp directory to minimize the risk of exploitation. Avoid using the affected scripts until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.