Bug 199841 (CVE-2005-4790) - net-news/blam < 1.8.4 CWD in LD_LIBRARY_PATH (CVE-2005-4790)
Status: RESOLVED FIXED
Alias: CVE-2005-4790
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
Whiteboard: B2 [glsa]
Duplicates: 187283
Reported: 2007-11-20 23:25 UTC by Robert Buchholz (RETIRED)
Modified: 2008-01-27 17:10 UTC (History)

Attachments
blam-CVE-2005-4790-insecure-ldpath.patch (blam-CVE-2005-4790-insecure-ldpath.patch,465 bytes, patch)
2007-11-20 23:32 UTC, Robert Buchholz (RETIRED)
blam-CVE-2005-4790-insecure-ldpath.patch (blam-secure-paths.patch,326 bytes, patch)
2008-01-08 01:50 UTC, Robert Buchholz (RETIRED)

Description Robert Buchholz (RETIRED) gentoo-dev 2007-11-20 23:25:20 UTC
CVE-2005-4790 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-4790):
  Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0
  cause the working directory to be added to LD_LIBRARY_PATH, which might allow
  local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam.
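
An added example, not part of the bug report or of blam's code: the dynamic loader treats an empty or relative `LD_LIBRARY_PATH` entry as the current working directory, and an unconditional `dir:$LD_LIBRARY_PATH` in a launcher script creates such an entry when the inherited value is empty. The function names and `/usr/lib/example-app` are constructed for illustration; the page does not show blam's actual launcher.

```shell
#!/bin/sh
# Added example: names and paths below are constructed, not taken from blam.

# Vulnerable pattern: always appends ":" plus the inherited value, so an
# empty inherited value leaves a trailing ":" (an empty entry = CWD).
prepend_naive() { printf '%s' "$1:$2"; }

# Hardened pattern: add the separator only when an inherited value exists.
prepend_safe() { printf '%s' "$1${2:+:$2}"; }

# List entries of a colon-separated search path that the loader resolves
# against the current working directory: empty entries and anything not
# starting with "/". Prints one "index:<entry>" line per such entry.
unsafe_ldpath_entries() {
    rest=$1
    [ -n "$rest" ] || return 0          # empty value: no entries to check
    i=0
    while :; do
        case $rest in
            *:*) entry=${rest%%:*}; rest=${rest#*:}; more=1 ;;
            *)   entry=$rest; more=0 ;;
        esac
        i=$((i + 1))
        case $entry in
            /*) ;;                                   # absolute directory
            *)  printf '%s:<%s>\n' "$i" "$entry" ;;  # empty, "." or relative
        esac
        [ "$more" -eq 1 ] || break
    done
}

# Constructed demo: both patterns with an empty inherited LD_LIBRARY_PATH.
for p in "$(prepend_naive /usr/lib/example-app '')" \
         "$(prepend_safe /usr/lib/example-app '')"; do
    printf '%s -> unsafe entries: %s\n' "$p" \
        "$(unsafe_ldpath_entries "$p" | tr '\n' ' ')"
done
```
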
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2007-11-20 23:28:50 UTC
This bug is for blam.

I'll attach a patch for this, please coordinate the inclusion upstream and apply in the ebuild.
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2007-11-20 23:32:29 UTC
Created attachment 136557
blam-CVE-2005-4790-insecure-ldpath.patch
Comment 3 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-12-09 00:04:53 UTC
Any news here?
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2007-12-19 04:02:16 UTC
Maintainers, please apply the attached patch. Otherwise we will have to bump the package ourselves or apply a p.mask.
Comment 5 Robert Buchholz (RETIRED) gentoo-dev 2008-01-08 01:50:27 UTC
Created attachment 140433
blam-CVE-2005-4790-insecure-ldpath.patch

The patch above was a wrong file, sorry.
Comment 6 Robert Buchholz (RETIRED) gentoo-dev 2008-01-08 02:41:25 UTC
*blam-1.8.4 (08 Jan 2008)

  08 Jan 2008; Robert Buchholz <rbu@gentoo.org>
  -files/blam-1.6.0-gecko-fix.diff,
  -files/blam-1.6.1-mono-1.1.7-compat.diff,
  -files/blam-1.6.1-mono-1.1.7-compat-v2.diff,
  -files/blam-1.8.2-64-bit-int.diff, -files/blam-1.8.2-mono-1.1.17-fix.diff,
  -files/blam-1.8.2-seamonkey.patch, +blam-1.8.4.ebuild:
  Version bump by security for untrusted search path vulnerability
  (CVE-2005-4790, bug #199841). Cleaning up old patches.
Comment 7 Robert Buchholz (RETIRED) gentoo-dev 2008-01-08 02:41:57 UTC
Arches, please test and mark stable net-news/blam-1.8.4.
Target keywords : "amd64 ppc x86"
Comment 8 Robert Buchholz (RETIRED) gentoo-dev 2008-01-08 02:42:34 UTC
*** Bug 187283 has been marked as a duplicate of this bug. ***
Comment 9 Christian Faulhammer (RETIRED) gentoo-dev 2008-01-08 09:27:01 UTC
x86 stable
Comment 10 Peter Weller (RETIRED) gentoo-dev 2008-01-11 17:54:13 UTC
amd64 done.
Comment 11 Tobias Scherbaum (RETIRED) gentoo-dev 2008-01-11 19:42:13 UTC
ppc stable
Comment 12 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2008-01-13 14:04:10 UTC
GLSA request filed.
Comment 13 Robert Buchholz (RETIRED) gentoo-dev 2008-01-27 17:10:56 UTC
GLSA 200801-14.