Date: Mon, 9 Nov 2009 19:01:40 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: oping allows the disclosure of arbitrary file contents

On Sat, 17 Oct 2009, yersinia wrote:

> On Fri, Oct 16, 2009 at 10:06 PM, Josh Bressers <bressers@...hat.com> wrote:
> > ----- "Julien Tinnes" <julien.tinnes@...il.com> wrote:
> >
> > [snip]
> >
> > I took a look in the oping source. Without another security flaw, this is just
> > a bug, oping doesn't do anything while still root that could be an issue. I
> > agree that it should be fixed, it is a serious bug, but an attacker cannot do
> > anything nefarious with this flaw.
> I think that the upstream maintainer should have the last word
> http://verplant.org/liboping/

This says:

  2009-09-29 Version 1.3.3 is available. The new release fixes a serious
  security issue in oping: If the application is installed with the
  SetUID-bit, anybody on the system could use oping to read arbitrary
  files using the "-f" option.

So as stated, this sounds worthy of a CVE to me.  Thoughts?

- Steve

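The ordering bug the release note describes, as an added illustration that is not liboping's code (the hypothetical ping-like tool, its functions and the fixture addresses are assumptions made here): a setuid program must do its only privileged step, opening the raw ICMP socket, before it permanently drops root, and only then open whatever path the caller passed with "-f". The vulnerable ordering opens the file first, while the effective uid is still 0.

```c
/* Added illustration of the setuid + "-f" bug class discussed in this thread.
 * NOT liboping's code: a hypothetical ping-like tool that needs root only for
 * a raw ICMP socket and reads its target list from a user-supplied file. */
#define _GNU_SOURCE
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define MAX_TARGETS 64
#define MAX_NAME    256

/* Permanently give up root: gid first, then uid, then verify it cannot come back. */
static int drop_privileges(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();
    if (geteuid() == ruid && getegid() == rgid) return 0;  /* not setuid: nothing to drop */
    if (setgid(rgid) != 0 || setuid(ruid) != 0) return -1;
    if (ruid != 0 && setuid(0) == 0) return -1;            /* root came back: not permanent */
    return 0;
}

/* Parse one target per line, skipping blank lines and '#' comments.
 * Returns the number of targets, or -1 if the file cannot be opened. */
static int load_targets(const char *path, char targets[][MAX_NAME], int max)
{
    FILE *fp = fopen(path, "r");
    if (fp == NULL) return -1;
    int n = 0;
    char line[MAX_NAME];
    while (n < max && fgets(line, sizeof line, fp) != NULL) {
        line[strcspn(line, "\r\n")] = '\0';
        if (line[0] != '\0' && line[0] != '#')
            snprintf(targets[n++], MAX_NAME, "%s", line);
    }
    fclose(fp);
    return n;
}

/* Vulnerable ordering, as the 1.3.3 release note describes: the "-f" file is
 * opened while euid is still 0, so the kernel checks root's permissions on it. */
static int run_vulnerable(const char *path, char targets[][MAX_NAME])
{
    int n = load_targets(path, targets, MAX_TARGETS);   /* root opens the caller's path */
    drop_privileges();                                  /* too late to matter */
    return n;
}

/* Fixed ordering: privileged work, permanent drop, sanity check, then user input. */
static int run_fixed(const char *path, char targets[][MAX_NAME])
{
    int sock = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); /* -1 (EPERM) without root */
    if (drop_privileges() != 0) return -1;
    /* Fail closed: never open a caller-chosen path with someone else's permissions. */
    if (geteuid() != getuid()) { errno = EPERM; return -1; }
    int n = load_targets(path, targets, MAX_TARGETS);
    if (sock >= 0) close(sock);
    return n;
}

/* Count targets through either ordering; only the fixed one is safe when setuid. */
static int count_targets(const char *path, int use_fixed_order)
{
    char targets[MAX_TARGETS][MAX_NAME];
    return use_fixed_order ? run_fixed(path, targets) : run_vulnerable(path, targets);
}

/* Run the fixed flow over a constructed fixture (RFC 5737 / RFC 3849 documentation
 * addresses) and return the target count, or -1 on any failure or mismatch. */
static int demo_fixed(void)
{
    static const char fixture[] = "# hosts to ping\n192.0.2.1\n\n198.51.100.7\n2001:db8::1\n";
    char path[] = "/tmp/oping-demo-XXXXXX";
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    int ok = write(fd, fixture, sizeof fixture - 1) == (ssize_t)(sizeof fixture - 1);
    close(fd);
    char targets[MAX_TARGETS][MAX_NAME];
    int n = ok ? run_fixed(path, targets) : -1;
    unlink(path);
    int match = n == 3 && strcmp(targets[0], "192.0.2.1") == 0 &&
                strcmp(targets[2], "2001:db8::1") == 0;
    return match ? n : -1;
}

int main(int argc, char **argv)
{
    if (argc == 3 && strcmp(argv[1], "-f") == 0) {
        int n = count_targets(argv[2], 1);              /* always the fixed ordering */
        if (n < 0) { perror(argv[2]); return 1; }
        printf("%s: %d targets\n", argv[2], n);
        return 0;
    }
    printf("fixture: %d targets\n", demo_fixed());      /* prints 3 */
    return 0;
}
```

Built and run as an ordinary user, both orderings read the same file, because the real and effective uid already match; the difference only exists when the binary is installed setuid root, where run_vulnerable applies root's file permissions to whatever path the caller names. The geteuid() != getuid() check in run_fixed turns that state into a hard error rather than a disclosure, which is the same failure mode the 1.3.3 release note describes for the "-f" option.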