Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 2 Mar 2010 13:52:05 -0700
From: Vincent Danen <vdanen@...hat.com>
To: "Steven M. Christey" <coley@...us.mitre.org>
Cc: oss-security@...ts.openwall.com
Subject: CVE-2009-3297 samba/ncpfs/fuse issues granted individual 2010 CVE
 names?

* [2010-03-02 13:05:28 -0500] nobody@...hat.com via RT wrote:

Hi, Steve.  I'm confused about these three CVEs, particularly since
CVE-2009-3297 was assigned to this issue (I suppose it would be more
correct to have 3 CVEs for the issue, but I'm not sure then why
CVE-2009-3297 was completely ignored unless you intend for it to be not
used/duplicated to one of these?).

I'm also confused on using a 2010-based name since our bugzilla entry is
dated 2009-11-04, and Samba upstream has their reported dated
2009-10-28, so these should have received 2009-based names.

We've used CVE-2009-3297 all over the place so it's pretty hard to miss.
Looking at the references just for the samba issue (your CVE-2010-0787),
all of the references except the git commits refer to CVE-2009-3297.

Can you clarify why this was done?  CC'ing oss-security in case anyone
else has noticed this as well.

Thanks.

>======================================================
>Name: CVE-2010-0787
>Status: Candidate
>URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787
>Final-Decision:
>Interim-Decision:
>Modified:
>Proposed:
>Assigned: 20100302
>Category:
>Reference: CONFIRM:http://git.samba.org/?p=samba.git;a=commit;h=3ae5dac462c4ed0fb2cd94553583c56fce2f9d80
>Reference: CONFIRM:http://git.samba.org/?p=samba.git;a=commit;h=a0c31ec1c8d1220a5884e40d9ba6b191a04a24d5
>Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=532940
>Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=558833
>Reference: CONFIRM:https://bugzilla.samba.org/show_bug.cgi?id=6853
>Reference: FEDORA:FEDORA-2010-1190
>Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034444.html
>Reference: FEDORA:FEDORA-2010-1218
>Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034470.html
>Reference: UBUNTU:USN-893-1
>Reference: URL:http://www.ubuntu.com/usn/USN-893-1
>Reference: BID:37992
>Reference: URL:http://www.securityfocus.com/bid/37992
>Reference: SECUNIA:38286
>Reference: URL:http://secunia.com/advisories/38286
>Reference: SECUNIA:38308
>Reference: URL:http://secunia.com/advisories/38308
>Reference: SECUNIA:38357
>Reference: URL:http://secunia.com/advisories/38357
>Reference: XF:sambaclient-mountcifs-symlink(55944)
>Reference: URL:http://xforce.iss.net/xforce/xfdb/55944
>
>client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a,
>3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS
>share on an arbitrary mountpoint, and gain privileges, via a symlink
>attack on the mountpoint directory file.
>
>
>
>======================================================
>Name: CVE-2010-0788
>Status: Candidate
>URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0788
>Final-Decision:
>Interim-Decision:
>Modified:
>Proposed:
>Assigned: 20100302
>Category:
>Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=532940
>Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=558833
>Reference: FEDORA:FEDORA-2010-1145
>Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034403.html
>Reference: FEDORA:FEDORA-2010-1168
>Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034422.html
>Reference: SECUNIA:38327
>Reference: URL:http://secunia.com/advisories/38327
>Reference: SECUNIA:38371
>Reference: URL:http://secunia.com/advisories/38371
>
>ncpfs 2.2.6 allows local users to cause a denial of service, obtain
>sensitive information, or possibly gain privileges via symlink attacks
>involving the (1) ncpmount and (2) ncpumount programs.
>
>
>
>======================================================
>Name: CVE-2010-0789
>Status: Candidate
>URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0789
>Final-Decision:
>Interim-Decision:
>Modified:
>Proposed:
>Assigned: 20100302
>Category:
>Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567633
>Reference: CONFIRM:http://sourceforge.net/projects/fuse/files/ReleaseNotes/fuse-2.8.3.html/view
>Reference: CONFIRM:http://sourceforge.net/projects/fuse/files/fuse-2.X/2.7.5/fuse-2.7.5.tar.gz/download
>Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=532940
>Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=558833
>Reference: DEBIAN:DSA-1989
>Reference: URL:http://www.debian.org/security/2010/dsa-1989
>Reference: FEDORA:FEDORA-2010-1140
>Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034518.html
>Reference: FEDORA:FEDORA-2010-1159
>Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034580.html
>Reference: UBUNTU:USN-892-1
>Reference: URL:http://www.ubuntu.com/usn/USN-892-1
>Reference: BID:37983
>Reference: URL:http://www.securityfocus.com/bid/37983
>Reference: SECUNIA:38261
>Reference: URL:http://secunia.com/advisories/38261
>Reference: SECUNIA:38287
>Reference: URL:http://secunia.com/advisories/38287
>Reference: SECUNIA:38359
>Reference: URL:http://secunia.com/advisories/38359
>Reference: SECUNIA:38437
>Reference: URL:http://secunia.com/advisories/38437
>Reference: XF:fuse-fusermount-dos(55945)
>Reference: URL:http://xforce.iss.net/xforce/xfdb/55945
>
>fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local
>users to unmount an arbitrary FUSE filesystem share via a symlink
>attack on a mountpoint.
>
>
>
>

-- 
Vincent Danen / Red Hat Security Response Team 

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.