Date: Wed, 23 Jul 2014 08:32:07 +0200 From: Sebastian Krahmer <krahmer@...e.de> To: cve-assign@...re.org Cc: oss-security@...ts.openwall.com Subject: Re: CVE-Request: KAuth authentication bypass On Tue, Jul 22, 2014 at 05:00:06PM -0400, cve-assign@...re.org wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > https://bugzilla.novell.com/show_bug.cgi?id=864716 > > This was previously discussed in, for example: > > http://openwall.com/lists/oss-security/2014/04/03/1 > > but apparently nobody responded to our question then. It would have > been useful for your new CVE request to have included a pointer back > to the earlier discussion here about exactly the same > bugzilla.novell.com bug number. > > We understand that a patch now exists (one did not exist at the time > of the previous discussion). > > We also understand that org.kde.fontinst.service and > org.kde.kcontrol.kcmclock.service have been mentioned as examples of > services that can be attacked on systems without the patch. > > > Can you confirm that you are asking for a CVE ID for the KAuth > product, not the "PolicyKit Library Qt Bindings" product? Yes indeed. Its the KDE KAuth code using the wrong kind of subject for authentication. > > Should there also be a separate CVE ID for > > https://bugzilla.novell.com/show_bug.cgi?id=864716#c25 > > "The deprecated polkit method in polkit-qt5 bindings has been > updated to polkit_unix_process_new_for_owner." > > ? No, it was a patch proposal for above mentioned bug and it was wrong. > > Should there also be a separate CVE ID for > > https://bugzilla.novell.com/show_bug.cgi?id=864716#c37 > > "Qt, since 5.3, aborts action if the Q*Application is SUID." > > ? Thats up to the Qt developers to request a CVE for this; if its needed. I did not analyze this potential issue as its not related to the KAuth bug in any way. Sebastian -- ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@...e.de - SuSE Security Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ