Date: Wed, 19 Sep 2012 14:10:39 -0400 (EDT)
From: Jan Lieskovsky <>
To: "Steven M. Christey" <>
Cc:, Damien Stuart <>,
        Michael Rash <>
Subject: CVE Request -- fwknop 2.0.3: Multiple security issues

Hello Kurt, Steve, vendors,

  multiple security issues have been corrected in 2.0.3 upstream version of
fwknop (
1) multiple DoS / code execution flaws:
   Upstream patch:

2) server did not properly validate allow IP addresses from malicious
   authenticated clients
   Upstream patch:

3) strict filesystem permissions for various fwknop files are not verified
4) local buffer overflow in --last processing with a maliciously constructed ~/ file
   Upstream patch:

For the remaining ones:
5) several conditions in which the server did not properly throw out maliciously constructed variables in the access.conf file
   Upstream patch:

   Note: This doesn't look like a security flaw (previously possible to provide malicious values
   to access.conf file, but I assume it would require administrator privileges).

6) [test suite] Added a new fuzzing capability to ensure proper server-side input validation.
   Note: Test-suite add-on, no CVE needed.

7) Fixed RPM builds by including the $(DESTDIR) prefix for uninstall-local and
   install-exec-hook stages in
   Upstream patch:
   Note: Also doesn't look like a fix for a security flaw.

Could you allocate CVE ids for issues 1), 2), 3), and 4) ?

[Cc-ed Damien and Michael from fwknop upstream to confirm
they {the first four} should receive a CVE identifier].

Thank you && Regards, Jan.
Jan iankko Lieskovsky / Red Hat Security Response Team
