Summary: | www-servers/thttpd insecure tempfile creation (CVE-2005-3124) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | minor | CC: | www-servers+disabled | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | C3 [noglsa] jaervosz | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Sune Kloppenborg Jeppesen (RETIRED)
2005-10-27 11:18:39 UTC
Javier Fernández-Sanguino Peña from the Debian Security Audit team discovered that the syslogtocern script from thttpd, a tiny webserver, uses a temporary file insecurely, allowing a local attacker to craft a symlink attack to overwrite arbitrary files. Patch by Javier attached. Created attachment 71583 [details, diff]
patch.CVE-2005-3124.thttpd
Waiting for a hint on disclosure date Already public. www-servers herd please check if we ship that script and bump with patch if necessary. (In reply to comment #3) > Already public. > > www-servers herd please check if we ship that script and bump with patch if > necessary. Yes it is installed by make install. I've gone ahead and committed 2.25b-r3 but unless I get rid of the php stuff Stuart added to 2.25b-r2 I don't feel comfortable stabilizing (plus it needs a few deps stabilized first). Stuart, comments? www-servers please make up your mind on which version we should ask to stable-ize to fix this security bug. sent an email to stuart so that we get an answer on this. Hi, I suggest we drop the PHP5 support for now, and stabilise without it. Best regards, Stu Aaron/Stuart we'll call for stable marking of 2.25b-r3 when you confirm. 2.25b-r4 is in cvs w/o php support. x86 stable. ppc please test and mark stable. Marked ppc stable. Ready for GLSA vote. I don't know. This is a misc script for sure, but it's still in path... half yes from here. I tend to vote NO. I'd vote no as well. Reverting vote and closing. |