vendor:
Geany
by:
Jeremy Brown
4.3
CVSS
MEDIUM
Local File Overwrite
22
CWE
Product Name: Geany
Affected Version From: 0.18
Affected Version To: 0.18
Patch Exists: NO
Related CWE: N/A
CPE: a:geany:geany:0.18
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2009
Geany 0.18 Local File Overwrite Exploit
Geany 0.18 is vulnerable to a local file overwrite attack due to its lack of defense against symbolic links when writing the run script used for executing files after compilation. An attacker can create a symbolic link in the working directory, which can be used to overwrite an important file with the contents of the run script. This can be done by creating a symbolic link from /tmp/geany_run_script.sh to /home/linux/important, compiling a program with Geany, and executing the program with Geany.
Mitigation:
Ensure that the working directory is secure and that symbolic links are not allowed.