Bug 189610 - media-libs/id3lib 3.x Insecure Temporary File Privilege Escalation (CVE-2007-4460)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High minor
Assignee: Gentoo Security
URL: http://secunia.com/advisories/26536/
Whiteboard: B3? [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2007-08-20 15:50 UTC by Matt Fleming (RETIRED)
Modified: 2007-09-15 15:46 UTC

Description Matt Fleming (RETIRED) gentoo-dev 2007-08-20 15:50:51 UTC
Nikolaus Schulz has reported a security issue in id3lib, which can be
exploited by malicious, local users to gain escalated privileges.

The security issue is caused due to the "RenderV2ToFile()" function
in src/tag_file.cpp handling temporary files in an insecure manner.
This can be exploited to execute arbitrary commands with escalated
privileges (usually root user).

The security issue is reported in version 3.8.3. Other versions may
also be affected.
Comment 1 Matt Fleming (RETIRED) gentoo-dev 2007-08-20 15:54:18 UTC
CC'ing maintainer and setting whiteboard status.
Comment 2 Samuli Suominen (RETIRED) gentoo-dev 2007-08-20 16:17:07 UTC
upstream is not available anymore, so I'm accepting patches.
Comment 3 Samuli Suominen (RETIRED) gentoo-dev 2007-08-20 16:54:30 UTC
(In reply to comment #2)
> upstream is not available anymore, so I'm accepting patches.
> 

Ignore this.

Fixed in id3lib-3.8.3-r6.
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-08-20 19:00:46 UTC
Arches please test and mark stable. Target keywords are:

id3lib-3.8.3-r6.ebuild:KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ppc64 sh sparc x86 ~x86-fbsd"

@drac, I'm not familiar with id3lib but could you elaborate on the reported privilege escalation to root privileges?
Comment 5 Samuli Suominen (RETIRED) gentoo-dev 2007-08-20 19:07:07 UTC
(In reply to comment #4)
> @drac, I'm not familiar with id3lib but could you elaborate on the reported
> privilege escalation to root privileges?

See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=438540 for reference.
Comment 6 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-08-20 19:29:50 UTC
Rerating:

[21:26] <jaervosz> drac: thx for the reference but I still fail to see why you should gain root privs by that?
[21:27] <drac> jaervosz: users perhaps, but not roots for sure..
[21:28] <drac> jaervosz: perhaps as in dunno how one could manage even that.
[21:28] <jaervosz> drac: thx, wasn't sure whether secunia just messed up something or I was overlooking something very trivial
Comment 7 Jeroen Roovers (RETIRED) gentoo-dev 2007-08-21 05:00:10 UTC
Stable for HPPA.
Comment 8 Gustavo Zacarias (RETIRED) gentoo-dev 2007-08-21 14:55:29 UTC
sparc stable.
Comment 9 Christoph Mende (RETIRED) gentoo-dev 2007-08-21 17:24:18 UTC
amd64 stable
Comment 10 Tobias Scherbaum (RETIRED) gentoo-dev 2007-08-22 15:19:04 UTC
ppc stable
Comment 11 Christian Faulhammer (RETIRED) gentoo-dev 2007-08-22 16:24:19 UTC
x86 stable
Comment 12 Raúl Porcel (RETIRED) gentoo-dev 2007-08-24 15:21:57 UTC
alpha/ia64 stable
Comment 13 Markus Rothe (RETIRED) gentoo-dev 2007-08-29 10:24:39 UTC
ppc64 stable
Comment 14 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-08-29 12:37:38 UTC
ready for glsa decision. I tend to vote YES.
Comment 15 Matt Fleming (RETIRED) gentoo-dev 2007-08-29 14:47:05 UTC
I vote YES too.
Comment 16 Joshua Kinard gentoo-dev 2007-09-02 21:58:32 UTC
mips stable.
Comment 17 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-09-08 12:09:31 UTC
ok, let's have a glsa on this one.
Comment 18 Matthias Geerdsen (RETIRED) gentoo-dev 2007-09-15 15:46:11 UTC
GLSA 200709-08

thanks everyone