Package: sitesummary
Version: 0.1.54

sitesummary-client runs during boot and via cronjob with superuser privileges. It creates a directory with a predictable naming scheme: /tmp/sitesummary-<PID>.
Due to insufficient error checking, a user can pre-create directories which will then prevent its creation and prevent the script from changing the current working directory before creating lots of temporary files. In case of a cronjob the current working directory will be /root and during boot it will be /. Thus during boot a tar file of the root directory will be created on /tmp which may fill up the /tmp or root partition depending on disk size and partition scheme. Furthermore, the script will create the tar file following the same naming scheme /tmp/sitesummary-<PID>.tar.gz which in the absence of kernel symlink protection allows for symlink attacks.

-- 
Guido Berhoerster
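A sketch of temporary-file handling that avoids both problems described above, added here as an example and not taken from sitesummary-client or any fix to it. The function names, the hostname.txt stand-in for the collection step and the summary.tar.gz archive name are assumptions.

```shell
#!/bin/sh
# Added example, not sitesummary-client's code. Function names are hypothetical.

# Create a private working directory. mktemp -d picks an unpredictable name,
# creates it atomically with mode 0700, and fails rather than reusing a path
# that already exists (directory or symlink).
safe_workdir() {
    base=${1:-${TMPDIR:-/tmp}}
    mktemp -d "$base/sitesummary-XXXXXXXXXX"
}

# Collect data and build the archive inside the private directory.
# Every step is checked: if the directory cannot be created or entered,
# nothing is written and the caller gets a non-zero status instead of the
# script carrying on in / or /root.
collect_summary() {
    base=$1
    workdir=$(safe_workdir "$base") || {
        echo "cannot create work directory under $base" >&2
        return 1
    }
    (
        cd "$workdir" || exit 1
        # Constructed stand-in for the real collection step.
        echo "constructed sample data" > hostname.txt || exit 1
        # Explicit file list; the archive lives inside the 0700 directory,
        # so its path cannot be pre-created or symlinked by another user.
        tar -czf summary.tar.gz hostname.txt || exit 1
    ) || {
        rm -rf -- "$workdir"
        return 1
    }
    printf '%s\n' "$workdir/summary.tar.gz"
}
```

A directory pre-created at the old predictable path has no effect here, because the script never tries to use that name.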