Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: dev-random@...
Subject: Re: #342619 RESOLVED WONTFIX
Date: Thu, 28 Oct 2010 04:23:53 +0400
On Wed, Oct 27, 2010 at 08:33:56PM +0200, Volker Armin Hemmann wrote:
> please show me some enterprise distros incorporating that patch.

I didn't test that patch; even if it's incorrect, bugreport is not about
a patch. It's about a security issue.

For example, look here:
http://seclists.org/fulldisclosure/2010/Oct/344

This proof-of-concept exploit still works in gentoo (amd64 stable at least,
even hardened!), because some dangerous variables are not filtered out.

(note if you want to test it: vixie-cron won't execute created file
because it's not executable. Either use another crond, or use exploit to
create e.g. udev rule instead of crontab entry).


Another similar vulunerability caused by not filtering some variables was
found about a week ago. I don't know if it still works in Gentoo, because
hardened is not affected by that one.
http://seclists.org/fulldisclosure/2010/Oct/257





Replies:
Re: #342619 RESOLVED WONTFIX
-- Pavel Labushev
References:
#342619 RESOLVED WONTFIX
-- dev-random
Re: #342619 RESOLVED WONTFIX
-- Kirktis
Re: #342619 RESOLVED WONTFIX
-- Volker Armin Hemmann
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: #342619 RESOLVED WONTFIX
Next by thread:
Re: #342619 RESOLVED WONTFIX
Previous by date:
Re: #342619 RESOLVED WONTFIX
Next by date:
Re: #342619 RESOLVED WONTFIX


Updated May 10, 2012

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.