
List:       oss-security
Subject:    Re: [oss-security] CVE-request: monkey fails to drop supplemental groups when lowering privileges
From:       Kurt Seifried <kseifried () redhat ! com>
Date:       2012-09-21 2:25:39
Message-ID: 505BD023.2060205 () redhat ! com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/20/2012 11:35 AM, Henri Salo wrote:
> Hello,
> 
> Please assign a 2012 CVE identifier for the following monkey
> vulnerability:
> 
> Monkey webserver fails to drop supplemental groups when lowering
> privileges. This allows any local user on the system to read any
> file that root's supplemental groups can access. Monkey does
> perform a filesystem access check to make sure that its EUID/EGID
> can access the target file, but this check is subject to TOCTOU
> flaws.
> 
> Reported by John Lightsey in
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688007
> Affected Debian version is 0.9.3-1 (haven't tested upstream package).
> Project page: http://www.monkey-project.com/
> 
> - Henri Salo

Please use CVE-2012-4442 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
-----END PGP SIGNATURE-----
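The flaw in the report is the classic ordering mistake when a daemon lowers privileges: setgid()/setuid() are called but setgroups() is not, so the process keeps every supplemental group root was a member of. The following C program is an added example written for this archive page; it is not monkey's code and is not taken from the Debian bug. It shows the order that actually works (clear supplemental groups while still privileged, then gid, then uid) and then asks the kernel to confirm the result rather than trusting return codes. The function names, the 65534 "nobody" default, and the 256-group buffer size are this example's own assumptions. Once credentials are dropped this way, opening a file and letting the kernel refuse it is also the fix for the TOCTOU problem the report mentions: there is no user-space access check to race against.

```c
#define _DEFAULT_SOURCE 1   /* glibc: expose setgroups() in <grp.h> */
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Outcome of drop_privileges(); anything other than DROP_OK means the
 * daemon must not go on to serve requests. (Names are this example's.) */
enum drop_status {
    DROP_OK = 0,
    DROP_ERR_SETGROUPS,        /* supplemental groups could not be cleared */
    DROP_ERR_SETGID,
    DROP_ERR_SETUID,
    DROP_ERR_GROUPS_REMAIN,    /* kernel still reports extra groups */
    DROP_ERR_STILL_PRIVILEGED  /* uid 0 is held or can be regained */
};

/* Pure helper: 1 if every entry of groups[0..n) equals `keep`, i.e. the
 * list carries no supplemental group beyond the primary one. */
int only_group(const gid_t *groups, int n, gid_t keep)
{
    for (int i = 0; i < n; i++)
        if (groups[i] != keep)
            return 0;
    return 1;
}

/* Ask the kernel which groups the calling process really holds.
 * getgroups() may or may not list the effective gid itself, so `keep`
 * is tolerated; more than 256 groups (EINVAL) is treated as not cleared. */
int supplemental_groups_cleared(gid_t keep)
{
    gid_t groups[256];
    int n = getgroups((int)(sizeof groups / sizeof groups[0]), groups);
    if (n < 0)
        return 0;
    return only_group(groups, n, keep);
}

/* Drop root to uid/gid in the only order that works: supplemental groups
 * first (setgroups() needs CAP_SETGID, so it must run while still
 * privileged), then the primary gid, then the uid. Afterwards verify the
 * state instead of trusting the return codes alone. */
enum drop_status drop_privileges(uid_t uid, gid_t gid)
{
    if (setgroups(0, NULL) != 0)      /* the step the report says was missing */
        return DROP_ERR_SETGROUPS;
    if (setgid(gid) != 0)
        return DROP_ERR_SETGID;
    if (setuid(uid) != 0)
        return DROP_ERR_SETUID;

    if (!supplemental_groups_cleared(gid))
        return DROP_ERR_GROUPS_REMAIN;
    /* If the drop is real, regaining uid 0 must now fail. */
    if (uid != 0 && setuid(0) == 0)
        return DROP_ERR_STILL_PRIVILEGED;
    if (getuid() == 0 || geteuid() == 0)
        return DROP_ERR_STILL_PRIVILEGED;
    return DROP_OK;
}

int main(int argc, char **argv)
{
    /* Usage: ./drop <uid> <gid>; run as root to see DROP_OK,
     * run unprivileged to see setgroups() refused with EPERM. */
    uid_t uid = argc > 1 ? (uid_t)strtoul(argv[1], NULL, 10) : 65534;
    gid_t gid = argc > 2 ? (gid_t)strtoul(argv[2], NULL, 10) : 65534;
    enum drop_status st = drop_privileges(uid, gid);
    printf("drop_privileges(%u, %u) -> %d (%s)\n",
           (unsigned)uid, (unsigned)gid, (int)st,
           st == DROP_OK ? "ok" : "refusing to continue");
    return st == DROP_OK ? 0 : 1;
}
```

The post-drop checks are what make this auditable: a daemon that logs `DROP_ERR_GROUPS_REMAIN` and exits would have surfaced this bug on its first start, whereas return codes from setgid()/setuid() alone say nothing about the group list. Targeting uid 0 or a uid the process cannot give up is reported as `DROP_ERR_STILL_PRIVILEGED` so that a misconfiguration cannot silently leave the server running as root.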