Date: Mon, 26 Sep 2016 01:43:27 -0400 (EDT)
From: cve-assign@...re.org
To: carnil@...ian.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE Request: irssi: information disclosure vulnerability in buf.pl

> An information disclosure vulnerability in the buf.pl script
>
> https://irssi.org/2016/09/22/buf.pl-update/
> https://bugs.debian.org/838762
> https://github.com/irssi/scripts.irssi.org/commit/f1b1eb154baa684fad5d65bf4dff79c8ded8b65a

>>> This patch sets a safer umask of 077 for the scrollbuffer dump, and will
>>> remove the temporary file after use to further reduce the attack surface.

>> Other users on the same machine may be able to retrieve the whole
>> window contents after /UPGRADE when the buf.pl script is loaded.
>> Furthermore, this dump of the windows contents is never removed
>> afterwards.
>>
>> Since buf.pl is also an Irssi core script and we recommended its use
>> to retain your window content, many people could potentially be
>> affected by this.

>> buf.pl restores the scrollbuffer between upgrades by writing the
>> contents to a file, and reading that after the new process was
>> spawned. Through that file, the contents of (private) chat
>> conversations may leak to other users.
>>
>> Mitigating facts
>>
>> Careful users with a limited umask (e.g. 077) are not affected by this
>> bug. However, most Linux systems default to a umask of 022, meaning
>> that files written without further restricting the permissions, are
>> readable by any user.

Use CVE-2016-7553.
-- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
http://cve.mitre.org/cve/request_id.html ]
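The two file-creation patterns the thread contrasts (a plain write under the default umask 022 versus a umask 077 / 0600 exclusive create with removal after use), as an added Python example that is not part of this message or of buf.pl itself (which is a Perl script); the scrollback lines are constructed sample data and the functions are assumed names.

```python
import os
import stat
import tempfile

# Constructed stand-in for what a scrollback dump across /UPGRADE might hold.
SAMPLE_SCROLLBACK = ["<alice> did you get my message?", "<bob> yes, that was private"]


def _mode_bits(path):
    """Permission bits (user/group/other rwx) of path as stored on disk."""
    return stat.S_IMODE(os.stat(path).st_mode)


def dump_loose(path, lines, umask=0o022):
    """Pre-fix pattern: a plain open() inherits the process umask, so under the
    common default of 022 the dump is created 0644 and any local user can read it."""
    old = os.umask(umask)
    try:
        with open(path, "w") as fh:
            fh.write("\n".join(lines) + "\n")
    finally:
        os.umask(old)
    return _mode_bits(path)


def dump_restricted(path, lines):
    """Fixed pattern: umask 077 plus an O_EXCL create at 0600, so the file is
    owner-only from the first instant and an existing file is never clobbered."""
    old = os.umask(0o077)
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "w") as fh:
            fh.write("\n".join(lines) + "\n")
    finally:
        os.umask(old)
    return _mode_bits(path)


def restore_and_cleanup(path):
    """Read the dump back, as the upgraded process would, then unlink it so the
    chat contents do not linger on disk afterwards."""
    with open(path) as fh:
        lines = fh.read().splitlines()
    os.unlink(path)
    return lines


def demo():
    """Run both patterns in a scratch dir; returns (loose_mode, safe_mode, restored, still_exists)."""
    with tempfile.TemporaryDirectory() as tmp:
        loose = os.path.join(tmp, "scrollback-loose.txt")
        safe = os.path.join(tmp, "scrollback-safe.txt")
        loose_mode = dump_loose(loose, SAMPLE_SCROLLBACK)
        safe_mode = dump_restricted(safe, SAMPLE_SCROLLBACK)
        restored = restore_and_cleanup(safe)
        return loose_mode, safe_mode, restored, os.path.exists(safe)
```

Assumes a POSIX filesystem that honours mode bits; on such a system `demo()` reports 0o644 for the loose dump and 0o600 for the restricted one.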