Bug 199841 (CVE-2005-4790)

Summary: net-news/blam < 1.8.4 CWD in LD_LIBRARY_PATH (CVE-2005-4790)
Product: Gentoo Security Reporter: Robert Buchholz (RETIRED) <rbu>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: dotnet, jesse, latexer
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---
Attachments:
Description Flags
blam-CVE-2005-4790-insecure-ldpath.patch none
blam-CVE-2005-4790-insecure-ldpath.patch none

Description Robert Buchholz (RETIRED) gentoo-dev 2007-11-20 23:25:20 UTC
CVE-2005-4790 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-4790):
  Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0
  cause the working directory to be added to LD_LIBRARY_PATH, which might allow
  local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam.
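
The CVE text above describes the working directory ending up in LD_LIBRARY_PATH. The following is an added example, not part of the bug report and not blam's launcher or the attached patch: it assumes a launcher script that prepends a directory unconditionally, and shows the hardened prepend plus an audit check. The path /opt/example/lib and all function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: not blam's launcher script and not the patch attached to this bug.
# /opt/example/lib is a constructed path; all function names are hypothetical.

# Assumed risky pattern: unconditional prepend. With an empty or unset old
# value the result ends in ":", and the dynamic loader reads a zero-length
# element as the current working directory.
unsafe_prepend() {  # $1 = directory to add, $2 = existing LD_LIBRARY_PATH
    printf '%s\n' "$1:$2"
}

# Hardened form: emit the separator only when the old value is non-empty.
safe_prepend() {
    printf '%s\n' "$1${2:+:$2}"
}

# Audit helper: succeeds only if every element is an absolute path.
# Empty, "." and relative elements all resolve against the working directory.
ldpath_is_safe() {
    if [ -z "$1" ]; then
        return 0    # unset or empty: no elements to resolve
    fi
    # ld.so accepts ":" and ";" as separators; normalise, then add a
    # sentinel ":" so a trailing empty element is still visited.
    rest="$(printf '%s' "$1" | tr ';' ':'):"
    while [ -n "$rest" ]; do
        elem=${rest%%:*}
        rest=${rest#*:}
        case $elem in
            /*) ;;          # absolute path
            *)  return 1 ;; # empty, ".", or relative
        esac
    done
    return 0
}

# Demo on constructed input: the old value is empty in both cases.
for value in "$(unsafe_prepend /opt/example/lib "")" \
             "$(safe_prepend /opt/example/lib "")"; do
    if ldpath_is_safe "$value"; then
        echo "ok:     $value"
    else
        echo "UNSAFE: $value"
    fi
done
```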
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2007-11-20 23:28:50 UTC
This bug is for blam.

I'll attach a patch for this, please coordinate the inclusion upstream and apply in the ebuild.
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2007-11-20 23:32:29 UTC
Created attachment 136557
blam-CVE-2005-4790-insecure-ldpath.patch
Comment 3 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-12-09 00:04:53 UTC
Any news here?
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2007-12-19 04:02:16 UTC
Maintainers, please apply the attached patch. Otherwise we will have to bump the package ourselves or apply a p.mask.
Comment 5 Robert Buchholz (RETIRED) gentoo-dev 2008-01-08 01:50:27 UTC
Created attachment 140433
blam-CVE-2005-4790-insecure-ldpath.patch

The patch above was a wrong file, sorry.
Comment 6 Robert Buchholz (RETIRED) gentoo-dev 2008-01-08 02:41:25 UTC
*blam-1.8.4 (08 Jan 2008)

  08 Jan 2008; Robert Buchholz <rbu@gentoo.org>
  -files/blam-1.6.0-gecko-fix.diff,
  -files/blam-1.6.1-mono-1.1.7-compat.diff,
  -files/blam-1.6.1-mono-1.1.7-compat-v2.diff,
  -files/blam-1.8.2-64-bit-int.diff, -files/blam-1.8.2-mono-1.1.17-fix.diff,
  -files/blam-1.8.2-seamonkey.patch, +blam-1.8.4.ebuild:
  Version bump by security for untrusted search path vulnerability
  (CVE-2005-4790, bug #199841). Cleaning up old patches.
Comment 7 Robert Buchholz (RETIRED) gentoo-dev 2008-01-08 02:41:57 UTC
Arches, please test and mark stable net-news/blam-1.8.4.
Target keywords : "amd64 ppc x86"
Comment 8 Robert Buchholz (RETIRED) gentoo-dev 2008-01-08 02:42:34 UTC
*** Bug 187283 has been marked as a duplicate of this bug. ***
Comment 9 Christian Faulhammer (RETIRED) gentoo-dev 2008-01-08 09:27:01 UTC
x86 stable
Comment 10 Peter Weller (RETIRED) gentoo-dev 2008-01-11 17:54:13 UTC
amd64 done.
Comment 11 Tobias Scherbaum (RETIRED) gentoo-dev 2008-01-11 19:42:13 UTC
ppc stable
Comment 12 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2008-01-13 14:04:10 UTC
GLSA request filed.
Comment 13 Robert Buchholz (RETIRED) gentoo-dev 2008-01-27 17:10:56 UTC
GLSA 200801-14.