Date: Thu, 6 Feb 2014 14:27:04 +0100 From: Jakub Wilk <jwilk@...ian.org> To: oss-security@...ts.openwall.com Subject: Re: [notification] CVE-2013-6888: uscan: remote code execution * Raphael Geissert <geissert@...ian.org>, 2014-01-06, 11:57: >Two other changes were made that IMO should be considered as hardening: >http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commitdiff;h=4b7e58ee6000cdefac0682601cec6ecce0137467 I believe that untarring files to a direct subdirectory of /tmp (at least without --keep-old-files) is a vulnerability, although admittedly with very low severity. If the tarball contained a "." file, then tar would change permissions of the destination directory, possibly making the directly accessible to other users. This is (similar to?) CWE-378. >http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commitdiff;h=b815aa438f018b5afc566eb403b0319a99a32995 As far as I can tell, this one is indeed hardening only. -- Jakub Wilk
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ