Bug#: 189610
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Matt Fleming <mjf@gentoo.org>

Description:   Opened: 2007-08-20 15:50 0000
Nikolaus Schulz has reported a security issue in id3lib, which can be
exploited by malicious, local users to gain escalated privileges.

The security issue is caused due to the "RenderV2ToFile()" function
in src/tag_file.cpp handling temporary files in an insecure manner.
This can be exploited to execute arbitrary commands with escalated
privileges (usually root user).

The security issue is reported in version 3.8.3. Other versions may
also be affected.

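The bug class described above is a scratch file created under a name another local user can predict and pre-create (or point at something else with a symlink) before the program opens it. The following C example, added here by the editor and not id3lib's code nor the patch shipped in id3lib-3.8.3-r6, shows the standard mitigation for a "render tag to file" style rewrite: create the scratch file with mkstemp() in the target's own directory (unique name, exclusive creation, mode 0600), write it, then rename() it over the target. The function names `atomic_replace`, `open_new_exclusive`, `read_small_file` and the path under /tmp are hypothetical, constructed for this illustration only.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Write all of buf to fd, retrying on short writes. Returns 0 or -1. */
static int write_all(int fd, const char *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = write(fd, buf, len);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            return -1;
        }
        buf += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Create path only if nothing exists there yet. O_EXCL makes the kernel
 * refuse an existing entry (a plain file or a symlink placed by someone
 * else); that refusal is the check a predictable-name temp file lacks.
 * Returns the descriptor, or -1 with errno == EEXIST if the name is taken. */
int open_new_exclusive(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Hypothetical helper: replace the contents of target with data atomically.
 * The scratch file comes from mkstemp() in the target's own directory, so
 * the name is unpredictable, creation is exclusive, no shared /tmp is
 * involved, and rename() on one filesystem is atomic.
 * Returns 0 on success, -1 on error with errno set. */
int atomic_replace(const char *target, const void *data, size_t len)
{
    static const char suffix[] = ".tmp.XXXXXX";
    char tmpl[PATH_MAX];
    const char *slash = strrchr(target, '/');
    size_t dirlen = slash ? (size_t)(slash - target) + 1 : 0;

    if (dirlen + sizeof suffix > sizeof tmpl) {
        errno = ENAMETOOLONG;
        return -1;
    }
    memcpy(tmpl, target, dirlen);
    memcpy(tmpl + dirlen, suffix, sizeof suffix);

    int fd = mkstemp(tmpl);              /* O_CREAT|O_EXCL, mode 0600 */
    if (fd < 0)
        return -1;

    /* Preserve the existing target's permission bits, if any. */
    struct stat st;
    if (stat(target, &st) == 0)
        (void)fchmod(fd, st.st_mode & 07777);

    int rc = write_all(fd, data, len);
    if (rc == 0)
        rc = fsync(fd);
    if (close(fd) < 0)
        rc = -1;
    if (rc < 0 || rename(tmpl, target) < 0) {
        int saved = errno;
        unlink(tmpl);                    /* never leave the scratch file behind */
        errno = saved;
        return -1;
    }
    return 0;
}

/* Read up to cap bytes of path into buf; returns the byte count or -1. */
ssize_t read_small_file(const char *path, char *buf, size_t cap)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    ssize_t n = read(fd, buf, cap);
    close(fd);
    return n;
}

int main(void)
{
    const char *path = "/tmp/atomic_replace_demo.dat";   /* constructed sample path */
    if (atomic_replace(path, "ID3v2 tag bytes", 15) != 0) {
        perror("atomic_replace");
        return 1;
    }
    char buf[64];
    ssize_t n = read_small_file(path, buf, sizeof buf);
    printf("wrote %zd bytes to %s\n", n, path);
    printf("second exclusive create at the same name: %s\n",
           (open_new_exclusive(path) < 0 && errno == EEXIST) ? "refused (EEXIST)"
                                                             : "unexpected");
    unlink(path);
    return 0;
}
```

Two points worth noting when reviewing a fix for this class: the scratch file must live next to the target (rename() across filesystems is not atomic and falls back to copy semantics), and the pre-existing permission bits are copied onto the new inode because mkstemp() always starts at 0600.
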
------- Comment #1 From Matt Fleming 2007-08-20 15:54:18 0000 -------
CC'ing maintainer and setting whiteboard status.

------- Comment #2 From Samuli Suominen 2007-08-20 16:17:07 0000 -------
upstream is not available anymore, so I'm accepting patches.

------- Comment #3 From Samuli Suominen 2007-08-20 16:54:30 0000 -------
(In reply to comment #2)
> upstream is not available anymore, so I'm accepting patches.
> 

Ignore this.

Fixed in id3lib-3.8.3-r6.

------- Comment #4 From Sune Kloppenborg Jeppesen 2007-08-20 19:00:46 0000 -------
Arches please test and mark stable. Target keywords are:

id3lib-3.8.3-r6.ebuild:KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ppc64 sh
sparc x86 ~x86-fbsd"

@drac, I'm not familiar with id3lib but could you elaborate on the reported
privilege escalation to root privileges?

------- Comment #5 From Samuli Suominen 2007-08-20 19:07:07 0000 -------
(In reply to comment #4)
> @drac, I'm not familiar with id3lib but could you elaborate on the reported
> privilege escalation to root privileges?

See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=438540 for reference.

------- Comment #6 From Sune Kloppenborg Jeppesen 2007-08-20 19:29:50 0000 -------
Rerating:

[21:26] <jaervosz> drac: thx for the reference but I still fail to see why you
should gain root privs by that?
[21:27] <drac> jaervosz: users perhaps, but not roots for sure..
[21:28] <drac> jaervosz: perhaps as in dunno how one could manage even that.
[21:28] <jaervosz> drac: thx, wasn't sure whether secunia just messed up
something or I was overlooking something very trivial

------- Comment #7 From Jeroen Roovers 2007-08-21 05:00:10 0000 -------
Stable for HPPA.

------- Comment #8 From Gustavo Zacarias (RETIRED) 2007-08-21 14:55:29 0000 -------
sparc stable.

------- Comment #9 From Christoph Mende 2007-08-21 17:24:18 0000 -------
amd64 stable

------- Comment #10 From Tobias Scherbaum 2007-08-22 15:19:04 0000 -------
ppc stable

------- Comment #11 From Christian Faulhammer 2007-08-22 16:24:19 0000 -------
x86 stable

------- Comment #12 From Raúl Porcel 2007-08-24 15:21:57 0000 -------
alpha/ia64 stable

------- Comment #13 From Markus Rothe 2007-08-29 10:24:39 0000 -------
ppc64 stable

------- Comment #14 From Pierre-Yves Rofes 2007-08-29 12:37:38 0000 -------
ready for glsa decision. I tend to vote YES.

------- Comment #15 From Matt Fleming 2007-08-29 14:47:05 0000 -------
I vote YES too.

------- Comment #16 From Joshua Kinard 2007-09-02 21:58:32 0000 -------
mips stable.

------- Comment #17 From Pierre-Yves Rofes 2007-09-08 12:09:31 0000 -------
ok, let's have a glsa on this one.

------- Comment #18 From Matthias Geerdsen 2007-09-15 15:46:11 0000 -------
GLSA 200709-08

thanks everyone
