Date: Fri, 21 Sep 2012 16:38:30 +0300 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Subject: CVE-request: monkey CGI scripts executed without dropping RUID/RGID root Hello, Please assign 2012 CVE-identifier for following monkey vulnerability: The Monkey webserver retains RUID/RGID root so that it can regain root as needed to perform privileged operations. Unfortunately, monkey does not drop RUID/RGID root before executing CGI scripts. This allows any user with write access to a cgi-bin directory to gain local root. It would also allow a remote attacker to do the same in combination with a CGI/PHP script that has any remote code execution bug. Reported by John Lightsey in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688008 Affected Debian-version is 0.9.3-1 (haven't tested upstream package) Project page: http://www.monkey-project.com/ - Henri Salo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.