Summary: | net-dns/avahi-0.6.10: DoS attack / arbitrary code execution | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sven Wegener <swegener> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B1? [noglsa] DerCorny | ||
Package list: | | Runtime testing required: | --- |
Description
Sven Wegener
2006-05-16 10:36:25 UTC
sparc and x86, please test and stable - thanks

Does this run as root? If not, this is probably only B3

sparc stable.

all done on x86 as well ^.^

Thx Joshua, but please don't close security bugs.

Time for GLSA decision. Impact is rather vague so I tend to vote NO.

SA 20022 http://secunia.com/advisories/20022 shows details on the impact. I think the buffer overflow comes from these lines of code: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/avahi-core/rr.c?rev=1209&view=diff&r1=1209&r2=1208&p1=trunk/avahi-core/rr.c&p2=/trunk/avahi-core/rr.c

Remote exec of code is serious, but in this case, the official advisory says it is hardly remotely exploitable. http://0pointer.de/cgi-bin/viewcvs.cgi/*checkout*/trunk/docs/NEWS?root=avahi

"We do not consider either of them major security threats."

"The buffer overflow is hard to exploit remotely, only local users can become the 'avahi' user. In addition the user is trapped inside a chroot() environment (at least on Linux)."

Concerning the DoS issue (exploitable from a local network only), it is also possible to DoS avahi with inconsistent data. So the DoS issue is not very serious as for me. I vote NO.

yet another no and closing. Of course, feel free to reopen if you disagree.