oss-security - Re: CVE Request -- Beanstalkd (prior v1.4.6) -- Improper sanitization of job body (job payload data)

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Date: Thu, 3 Jun 2010 14:58:27 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: Keith Rarick <kr@....us>, "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE Request -- Beanstalkd (prior v1.4.6) --
 Improper sanitization of job body (job payload data)

Please use CVE-2010-2060 for this.

Thanks.

-- 
    JB


----- "Jan Lieskovsky" <jlieskov@...hat.com> wrote:

> Hi Steve, vendors,
> 
>    Graham Barr reported that beanstalkd v1.4.5 and earlier,
> improperly
> sanitized job data, sent together with put command from client.
> A remote attacker, providing a specially-crafted job data in request,
> could use this flaw to bypass intended beanstalk client commands
> dispatch mechanism, leading to unauthorized execution of beanstalk
> client commands.
> 
> References:
>    [1]
> http://kr.github.com/beanstalkd/2010/05/23/1.4.6-release-notes.html
>    [2] http://bugs.gentoo.org/show_bug.cgi?id=322457
> 
> Upstream changeset:
>    [3]
> http://github.com/kr/beanstalkd/commit/2e8e8c6387ecdf5923dfc4d7718d18eba1b0873d
> 
> Could you allocate a CVE id for this?
> 
> Thanks && Regards, Jan.
> --
> Jan iankko Lieskovsky / Red Hat Security Response Team

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.