Heartbeat: Insecure temporary file creation
Gentoo Linux Security Advisory
||GLSA 200508-05 / Heartbeat
||August 07, 2005
||August 07, 2005: 01
All supported architectures
Heartbeat is vulnerable to symlink attacks, potentially allowing a local
user to overwrite arbitrary files.
Heartbeat is a component of the High-Availability Linux project.
It it used to perform death-of-node detection, communications and
Eric Romang has discovered that Heartbeat insecurely creates
temporary files with predictable filenames.
A local attacker could create symbolic links in the temporary file
directory, pointing to a valid file somewhere on the filesystem. When a
vulnerable script is executed, this could lead to the file being
overwritten with the rights of the user running the affected
There is no known workaround at this time.
All Heartbeat users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-cluster/heartbeat-1.2.3-r1"