
List:       oss-security
Subject:    Re: [oss-security] CVE request: FreeBSD/OS X crontab information
From:       Josh Bressers <bressers () redhat ! com>
Date:       2011-02-28 21:13:23
Message-ID: 2129000690.299846.1298927603500.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com

This should probably get three.

----- Original Message -----
> Details here:
> http://marc.info/?l=full-disclosure&m=129891323028897&w=2
> 
> There are three leaks, each of which amounts to a minor DAC bypass.
> 
> 1. Leakage of file/directory existence via stat() calls (e.g.
> determining if a file exists regardless of search permissions on
> directories)

CVE-2011-1073

> 
> 2. Leakage of directory existence via realpath()

CVE-2011-1074

> 
> 3. Arbitrary MD5 comparison (e.g. ability to determine if any two
> files have identical MD5 hashes, regardless of read permissions on
> those files)

CVE-2011-1075

Thanks.

-- 
    JB