First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 157028
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Arthur Koziel <arthur@arthurkoziel.de>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 157028 depends on: Show dependency tree
Show dependency graph
Bug 157028 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-12-03 15:38 0000 
Hi,
please bump www-client/links to pre26.

In the changelog, there's also a entry about a severe security bug
http://links.twibright.com/download/ChangeLog

Tue Nov 28 23:13:38 MET 2006 mikulas:

        Fixed severe security bug: '"' and ';' in smb:// url could be used for
        remote command execution.

Thanks!

------- Comment #1 From Marcelo Goes 2006-12-03 17:33:31 0000 ------- 
Thanks, 2.1_pre26 in cvs.
Security, I believe you take it from here :-).

Cheers

------- Comment #2 From Christian Faulhammer 2006-12-04 00:32:35 0000 ------- 
x86 done

------- Comment #3 From Gustavo Zacarias (RETIRED) 2006-12-04 06:27:01 0000 ------- 
sparc stable.

------- Comment #4 From Jeroen Roovers 2006-12-04 07:38:07 0000 ------- 
Stable for HPPA.

------- Comment #5 From Fabian Groffen 2006-12-04 08:54:01 0000 ------- 
moved to prefix.

------- Comment #6 From Alexander Færøy 2006-12-04 09:16:33 0000 ------- 
Stable on Alpha.

------- Comment #7 From Tobias Scherbaum 2006-12-04 10:24:49 0000 ------- 
ppc stable

------- Comment #8 From Markus Rothe 2006-12-04 10:44:38 0000 ------- 
ppc64 stable

------- Comment #9 From Sune Kloppenborg Jeppesen 2006-12-05 00:47:49 0000 ------- 
Correcting component.

------- Comment #10 From Malcolm Lashley (RETIRED) 2006-12-05 14:20:08 0000 ------- 
amd64 done

------- Comment #11 From Matthias Geerdsen 2006-12-07 02:24:42 0000 ------- 
hard to rate this... B3 might be closes

from Secunia:
Successful exploitation allows exposure of sensitive information or
manipulation of data, but requires that the user visits a malicious "smb://"
URL or gets redirected to such an URL by a malicious URL, and that the user has
the smbclient program installed.

security please vote

------- Comment #12 From Sune Kloppenborg Jeppesen 2006-12-07 03:34:35 0000 ------- 
I tend to vote NO. How often do you use lins for smb:// stuff?

------- Comment #13 From Wolf Giesen (RETIRED) 2006-12-07 03:42:01 0000 ------- 
I guess it's not whether you would use it, but you could be enticed to use it
by a malicious site. If this works for <IMG SRC="smb://..."> tags for example,
you'll be screwed. (Note that I don't know whether it does, I just remember a
bug like that in firefox.) Redirection will not automatically screw you, though
(at least not in the default conf).

I tend to vote yes. I admit it's "thin", but it's also bad ^_^

------- Comment #14 From Raphael Marichez 2006-12-10 12:51:40 0000 ------- 
i vote yes... and isn't it a B2 instead of B3 ?

------- Comment #15 From Matthias Geerdsen 2006-12-10 13:05:39 0000 ------- 
ok, agreed... let's have a GLSA

------- Comment #16 From Raphael Marichez 2006-12-15 07:56:39 0000 ------- 
GLSA 200612-16

------- Comment #17 From Raúl Porcel 2007-03-31 18:20:24 0000 ------- 
ia64 done
First Last Prev Next    No search results available      Search page      Enter new bug