Date: Tue, 2 Oct 2012 15:06:48 -0600 From: Vincent Danen <vdanen@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2012-3504: insecure temporary file usage in genkey perl script I'm not sure if anyone other than Red Hat ships and uses the genkey script (we package it as part of the crypto-utils package), but Joe Orton found some insecure usage of temporary files. He had reported that it writes to a file called "list" in the current working directory without first checking to see if it existed, so it could be used to clobber other user's files, if executed as root. Our current versions of Fedora and Red Hat Enterprise Linux 6 use this vulnerable genkey.pl script; earlier versions did not have the vulnerable bits. Looking at it a bit further, it seems like there's a few other places where it clobbers files. Our bug report is here: https://bugzilla.redhat.com/show_bug.cgi?id=849256 I've also got in there a patch that uses the File::Temp to create temporary files properly (somewhat tested). Just a heads-up in case anyone else is shipping this perl script as well. The name CVE-2012-3504 was assigned to this issue. -- Vincent Danen / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.