Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 04 Jun 2013 12:55:48 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Marc Deslauriers <marc.deslauriers@...onical.com>
Subject: Re: CVE Request: libimobiledevice insecure /tmp use

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/31/2013 08:43 AM, Marc Deslauriers wrote:
> Hello,
> 
> In libimobiledevice, the following commit:
> 
> http://cgit.sukimashita.com/libimobiledevice.git/commit/src?id=825d...
>
>  Falls back to creating files in /tmp if $XDG_CONFIG_HOME and $HOME
> are unset. In some distros, upowerd runs this as root, which causes
> files in /tmp to be created and updated in an insecure manner as
> root, allowing for symlink attacks.
> 
> Bugs: 
> http://libiphone.lighthouseapp.com/projects/27916-libiphone/tickets/331-insecure-tmp-directory-use
>
> 
https://bugs.launchpad.net/ubuntu/+source/libimobiledevice/+bug/1164263
> 
> Could a CVE please be assigned to this issue?
> 
> Thanks,
> 
> Marc.

Please use CVE-2013-2142 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRrjgzAAoJEBYNRVNeJnmT0E0P/09xKFWcrZspZ1bLdg/4MC8u
KYnfJdOJ6nNVr+p3MdOnO2esZh6d8F5rfXvasAWLnV9scvRprEvjkWVvSDPDICJ4
QhdMaptR59SFqdCPERYvDVGRN/Aj5b6S6t16TcpGvhsFH9ho6ESfj4XmxuZJLSac
Q/5pwnoyX66ZkfAV7CAEKFqsNGJK5YMdfJuNYeOA8JdVcpY9HgNkb+UuSjGnZRGr
7QUUmlVyKWUiz7EOZEisli6xAeAD20w/SCgsjS+5ldIa0mYudDTA1MZ51p2+diY6
Kj3oAGw9NHLNFxpBXzdDHwY7TPlbUKNHrfYh5PhVCMSGmW+rb6ARHOsre0ozGEAg
hJumTGI3CVyoFhe4x19A8TWaTaPAoWDcG+90DRUSOf3KD7oajcy34/0RQv17/1to
iAsV2DGR0H2nEq5NN4pkmoUeoY28dJtBEu/AS9eTv9TJhULWOixuclJtoeXQeYXi
gNIS75AWu57NCoXuM0ZrgukQJ9eaWsDg7QdCoUKJ1yDnPN4Wu68mFlpqfKtTAE6a
La8haZiwHtr6M00J3UlHUyWenttxXtuacnotaRs+K6nIrieurlV4ZOIAr7CjrEOP
/ru1YmxzVL/AJpAfW/f/chMnksT5a3zjh+gQTVVXYQblYWWP7/sggL13kPtz3nsb
9at9trjzKcIzMKRm+CwS
=B0+o
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.