Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 75485

Summary: app-text/docbook-sgml-utils: docbook2man tempfile vulnerability
Product: Gentoo Security Reporter: Luke Macken (RETIRED) <lewk>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: normal CC: text-markup+disabled
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
URL: http://secunia.com/advisories/13642/
Whiteboard:
Package list:
Runtime testing required: ---

Description Luke Macken (RETIRED) gentoo-dev 2004-12-23 14:50:43 UTC
Description:
Javier Fern
Comment 1 Luke Macken (RETIRED) gentoo-dev 2004-12-23 14:50:43 UTC
Description:
Javier Fernández-Sanguino Peña has reported a vulnerability in Docbook-to-Man, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.

The vulnerability is caused due to the docbook-to-man.sh script creating temporary files insecurely. This can be exploited via symlink attacks to overwrite arbitrary files with the privileges of the user running the vulnerable script.

Solution:
Grant only trusted users access to affected systems.
Comment 2 Luke Macken (RETIRED) gentoo-dev 2004-12-23 14:51:09 UTC
text-markup, please verify/advise.
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2004-12-28 04:19:25 UTC
We don't have docbook-to-man, we have docbook2man as part of docbook-sgml-utils. AFAICT it isn't affected by this vulnerability.

Closing as INVALID, feel free to reopen if you think I'm wrong.