The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libsdp | Openfabrics | 1.1.102 | 1.1.102 |
Libsdp | Openfabrics | * | 1.1.104 |
Libsdp | Openfabrics | 1.1.103 | 1.1.103 |
Libsdp | Openfabrics | 1.1.99 | 1.1.99 |
Libsdp | Openfabrics | 1.1.101 | 1.1.101 |
Libsdp | Openfabrics | 1.1.100 | 1.1.100 |