Gentoo Bug 250474 - <media-sound/cmus-2.2.0-r1 cmus-status-display symlink attack (CVE-2008-5375)

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bug#:	250474
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Steven Susbauer <stupendoussteve@hotmail.com>
Add CC:
CC:

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 250474 depends on:			Show dependency tree
Bug 250474 blocks:	235770		Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2008-12-10 04:42 0000

From CVE-2008-5375
(http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5375)
 cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary
files via a symlink attack on the /tmp/cmus-status temporary file.

Reproducible: Always

------- Comment #1 From Samuli Suominen 2009-05-12 06:19:40 0000 -------

*cmus-2.2.0-r1 (12 May 2009)

  12 May 2009; Samuli Suominen <ssuominen@gentoo.org> +cmus-2.2.0-r1.ebuild,
  +files/cmus-2.2.0-symlink_attack.patch:
  CVE-2008-5375, symlink attack wrt #250474.

amd64/x86, please test and mark stable.
security, please adjust the bug fields, still can't remember how you want it
done :-)

------- Comment #2 From Christian Faulhammer 2009-05-12 12:14:55 0000 -------

x86 stable

------- Comment #3 From Markus Meier 2009-05-13 18:20:48 0000 -------

amd64 stable, all arches done.

------- Comment #4 From Samuli Suominen 2009-05-13 18:48:51 0000 -------

And vulnerable version removed from tree.

------- Comment #5 From Tobias Heinlein 2009-05-22 10:46:41 0000 -------

All arches done, entering [glsa?]. I vote YES.

------- Comment #6 From Stefan Behte 2009-06-23 20:29:54 0000 -------

Yes too. Request filed.

------- Comment #7 From Alex Legler 2009-09-09 13:34:43 0000 -------

GLSA 200909-08

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bugzilla Bug 250474

<media-sound/cmus-2.2.0-r1 cmus-status-display symlink attack (CVE-2008-5375)

Last modified: 2009-09-09 13:34:43 0000