[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Request - glib symlink copying permission
From:       "Steven M. Christey" <coley () linus ! mitre ! org>
Date:       2009-09-22 7:22:03
Message-ID: Pine.GSO.4.51.0909220321400.16381 () faron ! mitre ! org
[Download RAW message or body]


======================================================
Name: CVE-2009-3289
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3289
Reference: MLIST:[oss-security] 20090908 CVE Request - glib symlink copying permission exposure
Reference: URL:http://www.openwall.com/lists/oss-security/2009/09/08/8
Reference: MISC:https://bugzilla.gnome.org/show_bug.cgi?id=593406
Reference: CONFIRM:https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/418135

The g_file_copy function in glib 2.0 sets the permissions of a target
file to the permissions of a symbolic link (777), which allows
user-assisted local users to modify files of other users, as
demonstrated by using Nautilus to modify the permissions of the user
home directory.


[prev in list] [next in list] [prev in thread] [next in thread]