Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 29 Sep 2016 06:36:43 -0400 (EDT)
From: cve-assign@...re.org
To: aacid@....org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: kdesu vulnerability: need CVE

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> The problem is that you could sneak an unicode string terminator in the kdesu invocation
> and the label showing which command will be executed ended there but we did execute the whole thing,
> that is,
> 
>    echo Hi@; whoami > /tmp/filebyroot
> 
> If @ is the unicode string terminator would only tell the user kdesu would execute "echo Hi"
> but would create the /tmp/filebyroot file as root
> 
> The fix is already available at
> https://github.com/KDE/kde-cli-tools/commit/5eda179a099ba68a20dc21dc0da63e85a565a171

>> Make sure people are not trying to sneak invisible characters on the kdesu label
>> kdesu.cpp

Use CVE-2016-7787.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJX7O5eAAoJEHb/MwWLVhi2ZJYP/3z7JAGJAtY4YkSyMy97A+q/
B5s3hRzWrvpZesyNf80sCuY0PvTnoMiS80nOWYlYVyERbr/1hVh7YQ+GLzpEs/ud
KPhYqhPVNO/tC9ELW1LkAwaYKI4zJXf7yZFIgsuCZI1tgriRf+ehS40eg3tBnCoF
d03nbntQH5ADVZH+KxnnaKMZFfBRQDcMBP7XTcrfXCN5czju13TEWTYKPtL1s4rm
UlyeDQzJ9n+ou6NpNo9HfY+4QILw6mOHrxGl/SczeFgdCCJBwLvXiMAQXi8lLe0z
TmB7eCT1E8Bm7gpGQJUlcoD1PCBRHq1k6hCiTRLupkmYXHGjwWzJRMKqnnG5Stej
0/W5jLd7NQwm003RLwePVWvDw6TVbdZY6tJIMXqkYXc+Qqxx71TtY6/P4U/97Va3
8O8vovP1Xxbui1Xx9dUTU+F/XiG4kjV21XsN+5gAlWFA22v0gGKEvdY4uze5kNH6
dwxj2xTdJKEHIr8cPQeBOBxd46sIChmQWywO9uMMfwUoDS3xHkyq3WkCoI5YalnO
Dx8l5erpytJA8or3hKld0BIk2MTpJI/0zdyl0JqXuleIBjtlAFRMuyclg4n6S9Ek
VXRNWAslPgl+mPquZnyKxCKHfvpgk7ZT5qbU4iqOAv1CabODk+024XrdhHDzCTOQ
/T8u7gshajO1VsGhTTey
=Zeft
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ