Summary: | [vuxml] [patch] net-p2p/verlihub: document and fix CVE-2008-5706 | ||
---|---|---|---|
Product: | Ports & Packages | Reporter: | Eygene Ryabinkin <rea-fbsd> |
Component: | Individual Port(s) | Assignee: | Martin Wilke <miwi> |
Status: | Closed FIXED | ||
Severity: | Affects Only Me | ||
Priority: | Normal | ||
Version: | Latest | ||
Hardware: | Any | ||
OS: | Any |
Description
Eygene Ryabinkin
2008-12-27 21:00:15 UTC
Responsible Changed From-To: freebsd-ports-bugs->miwi miwi@ wants his PRs (via the GNATS Auto Assign Tool) Maintainer of net-p2p/verlihub, Please note that PR ports/129981 has just been submitted. If it contains a patch for an upgrade, an enhancement or a bug fix you agree on, reply to this email stating that you approve the patch and a committer will take care of it. The full text of the PR can be found at: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/129981 -- Edwin Groothuis via the GNATS Auto Assign Tool edwin@FreeBSD.org State Changed From-To: open->feedback Awaiting maintainers feedback (via the GNATS Auto Assign Tool) Added reference to CVE-2008-5705 to the VuXML entry. --- vuln.xml begins here --- <vuln vid="4b2c603e-d456-11dd-84ec-001fc66e7203"> <topic>verlihub -- insecure temporary file usage and arbitrary command execution</topic> <affects> <package> <name>verlihub</name> <range><lt>0.9.8.d.r2_2,1</lt></range> </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml"> <p>Anonymous security researcher reports:</p> <blockquote cite="http://milw0rm.com/exploits/7183"> <p>Verlihub does not sanitize user input passed to the shell via its "trigger" mechanism.</p> </blockquote> <p>Entry for CVE-2008-5706 says:</p> <blockquote cite="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5706"> <p>The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/trigger.tmp temporary file.</p> </blockquote> </body> </description> <references> <cvename>CVE-2008-5705</cvename> <cvename>CVE-2008-5706</cvename> <url>http://milw0rm.com/exploits/7183</url> </references> <dates> <discovery>22-11-2008</discovery> <entry>TODAY</entry> </dates> </vuln> --- vuln.xml ends here --- -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ # > Maintainer of net-p2p/verlihub, > > Please note that PR ports/129981 has just been submitted. > > If it contains a patch for an upgrade, an enhancement or a bug fix > you agree on, reply to this email stating that you approve the patch > and a committer will take care of it. > > The full text of the PR can be found at: > http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/129981 > > -- > Edwin Groothuis via the GNATS Auto Assign Tool > edwin@FreeBSD.org > I test attached to PR patch on real server and can approve that port builds and runs OK. BTW, please, change my email in contacts from skylord@vt.net.ru to skylord@linkline.ru Thanks in advance! State Changed From-To: feedback->closed Committed. Thanks! miwi 2009-01-11 19:42:13 UTC FreeBSD ports repository Modified files: net-p2p/verlihub Makefile Added files: net-p2p/verlihub/files patch-CVE-2008-5706 Log: - Fix insecure temporary file usage and arbitrary command execution PR: 129981 (based on) Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> Approved by: maintainer Revision Changes Path 1.24 +2 -3 ports/net-p2p/verlihub/Makefile 1.1 +82 -0 ports/net-p2p/verlihub/files/patch-CVE-2008-5706 (new) _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org" |