Vigil@nce - Perl Proc-Daemon: altering the pid file
January 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can change the pid indicated in the pid file of
Perl Proc::Daemon applications, in order to trigger a denial of
service for example.
Impacted products: Unix (platform)
Severity: 1/4
Creation date: 07/01/2014
DESCRIPTION OF THE VULNERABILITY
The Perl Proc::Daemon module is used to manage Unix services.
A pid file stores the identifier of the process associated with
the daemon in order to kill it for example. However, Proc::Daemon
uses an umask of 0. The file is thus created with a mode which
does not forbid its edition by local users.
A local attacker can therefore change the pid indicated in the pid
file of Perl Proc::Daemon applications, in order to trigger a
denial of service for example.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Perl-Proc-Daemon-altering-the-pid-file-14028