VULHUB ™

Reportedly, bogopass creates temporary files in a predictable manner. As a result, it is possible for local attackers to read or corrupt files readable by the bogopass process. An attacker could potentially exploit this issue by creating a symbolic link in place of the temporary file which is created. Any actions performed by bogopass when it is executed will be performed on the file pointed to by the symbolic link.

Reportedly, bogopass creates temporary files in a predictable manner. As a result, it is possible for local attackers to read or corrupt files readable by the bogopass process. An attacker could potentially exploit this issue by creating a symbolic link in place of the temporary file which is created. Any actions performed by bogopass when it is executed will be performed on the file pointed to by the symbolic link.