Bug 199839 - net-news/liferea CWD in LD_LIBRARY_PATH (CVE-2005-4791)
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://bugs.debian.org/cgi-bin/bugrep...
Whiteboard: B2 [ebuild]
Reported: 2007-11-20 22:56 UTC by Robert Buchholz (RETIRED)
Modified: 2007-11-21 08:40 UTC
Description Robert Buchholz (RETIRED) gentoo-dev 2007-11-20 22:56:42 UTC
CVE-2005-4791 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-4791):
  Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the
  working directory to be added to LD_LIBRARY_PATH, which might allow local
  users to execute arbitrary code via (1) liferea or (2) banshee.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2007-11-20 22:57:52 UTC
This is for liferea only.

Daniel, please advise.
Comment 2 Daniel Gryniewicz (RETIRED) gentoo-dev 2007-11-21 02:44:54 UTC
This is not an issue for us, since we don't install the liferea script at all.  We replace it with the binary it's supposed to be calling.  As far as I can tell from the links, only the script is vulnerable.
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2007-11-21 08:40:38 UTC
Thanks for clarifying.
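
Added example, not part of the original bug report and not the liferea script: a check for LD_LIBRARY_PATH values that make the dynamic loader search the working directory, the condition CVE-2005-4791 describes. It assumes one common cause, a wrapper script that prepends a directory with an unconditional ":" so that an empty previous value leaves an empty entry, which ld.so reads as the current directory. The function names and paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: hypothetical function names, constructed sample paths.

# Unsafe prepend: when the current value is empty the result ends in ":",
# and the loader reads that empty entry as the current working directory.
prepend_unsafe() { printf '%s\n' "$1:$2"; }

# Safe prepend: the separator is emitted only if there is a current value.
prepend_safe() { printf '%s\n' "$1${2:+:$2}"; }

# Return 0 if a LD_LIBRARY_PATH value makes the loader search the CWD.
# The body runs in a subshell so the IFS and globbing changes do not leak.
ld_path_has_cwd() (
    value=$(printf '%s' "$1" | tr ';' ':')   # ld.so accepts ';' as well as ':'
    [ -n "$value" ] || return 1              # empty variable adds no entries
    case "$value" in
        :*|*:|*::*) return 0 ;;              # empty entry means CWD
    esac
    IFS=:
    set -f
    for entry in $value; do
        case "$entry" in
            /*) ;;                           # absolute path: fine
            *)  return 0 ;;                  # ".", "lib", "../x": relative to CWD
        esac
    done
    return 1
)

# Compare both prepend styles with an empty and a non-empty previous value.
for current in "" "/opt/app/lib"; do
    for fn in prepend_unsafe prepend_safe; do
        result=$($fn "/usr/lib/example" "$current")
        if ld_path_has_cwd "$result"; then verdict="searches CWD"; else verdict="ok"; fi
        printf '%-14s previous=%-14s -> %-30s %s\n' "$fn" "'$current'" "$result" "$verdict"
    done
done
```

Only the unsafe prepend with an empty previous value is flagged; the same check can be pointed at the value a packaged wrapper script exports before it runs the real binary.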