Date: Wed, 05 Oct 2011 08:04:19 +0530 From: Huzaifa Sidhpurwala <huzaifas@...hat.com> To: oss-security@...ts.openwall.com Subject: kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images Hi All, Kevan Carstensen reported multiple security flaws in kexec-tools, details are as follows: 1. CVE-2011-3588: The default value of "StrictHostKeyChecking=no" has been used for kdump/ mkdumprd openssh integration. A remote malicious kdump server could use this flaw to impersonate the intended, correct kdump server to obtain security sensitive information (kdump core files). 2. CVE-2011-3589 mkdumprd utility copied content of certain directories into newly created initial ramdisk images, potentially leading to information leak. 3. CVE-2011-2390 mkdumprd utility created the final initial ramdisk image with world-readable permissions, possibly leading to information leak. Reference: https://bugzilla.redhat.com/show_bug.cgi?id=716439 -- Huzaifa Sidhpurwala / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ