Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 103661 - dev-util/cvs temp file issues
Summary: dev-util/cvs temp file issues
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/bugzilla/...
Whiteboard: B3? [noglsa] jaervosz
Keywords:
: 103303 (view as bug list)
Depends on:
Blocks:
 
Reported: 2005-08-24 22:02 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2005-09-04 04:01 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-08-24 22:02:05 UTC
I think this was discovered by Marcus Meissner from SUSE and wrongly 
attributed by Secunia. 
 
Insecure temporary file handling in cvsbug program. 
 
Full details in URL.
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-08-24 22:03:46 UTC
*** Bug 103303 has been marked as a duplicate of this bug. ***
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-08-24 22:04:01 UTC
cvs-utils please verify and bump as needed. 
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2005-08-24 23:21:26 UTC
in cvs now.
Comment 4 Markus Rothe (RETIRED) gentoo-dev 2005-08-25 04:04:36 UTC
stable on ppc64
Comment 5 Ian Leitch (RETIRED) gentoo-dev 2005-08-25 05:28:23 UTC
Stable on x86.
Comment 6 Gustavo Zacarias (RETIRED) gentoo-dev 2005-08-25 07:07:41 UTC
sparc stable.
Comment 7 René Nussbaumer (RETIRED) gentoo-dev 2005-08-25 11:01:17 UTC
Stable on hppa
Comment 8 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-08-25 11:24:07 UTC
Stable on ppc.
Comment 9 Fernando J. Pereda (RETIRED) gentoo-dev 2005-08-25 12:44:55 UTC
Stable on the shiny alpha architecture :)

Cheers,
Ferdy
Comment 10 Marcus D. Hanwell (RETIRED) gentoo-dev 2005-08-27 17:08:54 UTC
Stable on amd64 - sorry about the delay. 
Comment 11 Thierry Carrez (RETIRED) gentoo-dev 2005-08-28 00:56:58 UTC
CAN-2005-2693
"It is possible that a malicious user could leverage this issue to execute
arbitrary instructions as the user running cvsbug."

Time to vote, I tend to vote yes (more impact than just overwriting a file with
garbage, though cvsbug use is a little unlikely).
Comment 12 Tavis Ormandy (RETIRED) gentoo-dev 2005-08-30 09:21:41 UTC
vote NO, difficult to exploit.

impossible to predict when someone is going to run cvsbug, and even if you could 
social engineer a situation when you knew the precise time that someone was 
going to execute it and convince them that they had found a bug that needed to 
be reported, you still need to win a race condition.
Comment 13 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-08-30 12:24:48 UTC
I tend to vote NO. 
Comment 14 Thierry Carrez (RETIRED) gentoo-dev 2005-08-31 00:30:04 UTC
Reversing YES to NO, and closing.
Comment 15 Hardave Riar (RETIRED) gentoo-dev 2005-09-04 04:01:11 UTC
Stable on mips.