Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Fri, 04 May 2012 10:10:05 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Jan Lieskovsky <jlieskov@...hat.com>,
        "Steven M. Christey" <coley@...us.mitre.org>,
        Peter Jones <pjones@...hat.com>
Subject: Re: CVE Request -- anaconda: Weak permissions by writing
 password configuration file in bootloader configuration module

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/04/2012 10:06 AM, Jan Lieskovsky wrote:
> Hello Kurt, Steve, vendors,
> 
> a security flaw was found in the way bootloader configuration
> module of Anaconda, a graphical system installer, stored password
> hashes when performing write of password configuration file (0755
> permissions were used instead of 0700 ones). A local users could
> use this flaw to obtain password hashes and conduct brute force
> password guessing attacks (possibly leading to password 
> circumvention, machine reboot or use of custom kernel or initrd
> command line parameters).
> 
> Upstream patch: [1] 
> http://git.fedorahosted.org/git/?p=anaconda.git;a=commit;h=03ef13b625cc06873a924e0610340f8489fd92df
>
> 
> 
> References: [2] https://bugzilla.redhat.com/show_bug.cgi?id=819031
> 
> Could you allocate a CVE identifier for this?
> 
> Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat
> Security Response Team

Please use CVE-2012-2314 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPo/9cAAoJEBYNRVNeJnmTnigP/i4qm/8SxQCKtSdbA0ltS78N
fP9gwLS3bXpCxmGidoNxhq3ukA96IObKO4+O4Ofsjpb7En5JiSat1J7t56g8Sy9g
wn5GfYzwmRiPnqTppZWr8mdJEFaSDd9bGP02oCyUnfl3h6OE5Wflm+7St5qJYZNk
GOLAdMAhgho2kEiR1btKRrfHhlZStcz3yNvHWAGF3ZC8Hx+UTbOTqMU9i7/7vo+s
CVfPH2vTjCSEy/0qYhC9o4uGSVUaw6yUDaUx8JPWBWXkxHQZV4UdJl38iW6ytl1j
k8AwTan3FnfRQOPlb6xIHgsV5Z3iUzYzzF73gOMzq8rZOhy97kb/WM4FHkpj/Z3r
1IxtbHbF4H97in6SXTVtsUVGKIylmXUn0dU6Q/jq90vbCuXUBEpXRG05sEjP1AQC
zMmvNVvJDaDHiDOFADHJTx7DZYrlbWoE1RkKFDQNaII+tv7eZeLShQIoUWNTyy/R
DnuTgtfft9jzIrOGY6QuloRIUWsEQSPii/QjBbzbTvRdnF5H0Fy9+eOQ3D7zWdYA
ZcFGg/8tZ7xUQs3+pW6JVt3klWqLF/xc6oVb1O/zWbKE3042XzxvpkhuroYHrC69
jetWJVTGPfVjq2hNYPAhf81MbtDK0HSa0dqZkkXJj9IYAGHLK6Q+uzCtlXjLsdy4
UKzYa4YPHIOyYDq1YH5F
=3W0O
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ