List: oss-security
Subject: Re: [oss-security] CVE-request: monkey fails to drop supplemental groups when lowering privileges
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2012-09-21 2:25:39
Message-ID: 505BD023.2060205 () redhat ! com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/20/2012 11:35 AM, Henri Salo wrote:
> Hello,
>
> Please assign 2012 CVE-identifier for following monkey
> vulnerability:
>
> Monkey webserver fails to drop supplemental groups when lowering
> privileges. This allows any local user on the system to read any
> file that root's supplemental groups can access. Monkey does
> perform a filesystem access check to make sure that its EUID/EGID
> can access the target file, but this check is subject to TOCTOU
> flaws.
>
> Reported by John Lightsey in
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688007
> Affected Debian version is 0.9.3-1 (haven't tested upstream package).
> Project page: http://www.monkey-project.com/
>
> - Henri Salo
Please use CVE-2012-4442 for this issue.
--
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
-----END PGP SIGNATURE-----
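The two defects named in the request above, an incomplete privilege drop that leaves root's supplementary groups in place and an access()-then-open() check that can be raced, are shown side by side in the following added example. It is illustrative C written for this thread against the POSIX/Linux credential and file APIs, not code from Monkey or from the Debian bug report; the function names, the command-line interface and the temporary file used for demonstration are all assumptions made here.

```c
/* Added example (not Monkey's code): correct privilege dropping and a
 * race-free file open. Build: cc -Wall -o privdrop privdrop.c */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Number of supplementary groups the calling process currently holds.
 * A daemon that "dropped root" but still reports a non-zero count here
 * keeps read access to everything those groups can reach. */
int count_supplementary_groups(void)
{
    return getgroups(0, NULL);
}

/* Check the credentials actually in effect after a drop: real and
 * effective uid/gid match the target and no supplementary groups remain. */
int verify_dropped(uid_t uid, gid_t gid)
{
    if (getuid() != uid || geteuid() != uid) return -1;
    if (getgid() != gid || getegid() != gid) return -1;
    if (count_supplementary_groups() != 0) return -1;
    return 0;
}

/* The flawed pattern from the report: only setgid()/setuid() are called,
 * so the supplementary group list inherited from root survives the drop.
 * Kept here for comparison; do not use in a server. */
int drop_privileges_incomplete(uid_t uid, gid_t gid)
{
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;
    return 0;
}

/* Correct order: clear supplementary groups while still root (setgroups()
 * needs CAP_SETGID), then set the gid, then the uid, then verify.
 * Returns 0 on success. If the process is not root there is nothing to
 * drop; succeed only if it already has the requested identity. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (geteuid() != 0)
        return (getuid() == uid && getgid() == gid) ? 0 : -1;
    if (setgroups(0, NULL) != 0) return -1;  /* must precede setuid() */
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;
    return verify_dropped(uid, gid);
}

/* Racy pattern: access() decides on the path, open() then opens whatever
 * the path points to at that later moment. A rename or symlink swap in
 * between defeats the check, and access() consults the real uid/gid and
 * the (possibly undropped) supplementary groups, not the effective ids. */
int open_readable_racy(const char *path)
{
    if (access(path, R_OK) != 0) return -1;  /* time of check */
    return open(path, O_RDONLY);             /* time of use */
}

/* Race-free pattern: let the kernel apply its permission check at open()
 * with the credentials now in effect (trustworthy only after
 * drop_privileges() succeeded), then validate the descriptor with fstat()
 * rather than the path. O_NOFOLLOW is a policy choice that refuses a
 * symlink at the final component; remove it if symlinks must be served. */
int open_regular_file(const char *path)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EACCES;  /* not a regular file: refuse to serve it */
        return -1;
    }
    return fd;
}

/* Usage: ./privdrop <uid> <gid> <file>; run as root to see the drop happen. */
int main(int argc, char **argv)
{
    if (argc != 4) { fprintf(stderr, "usage: %s uid gid file\n", argv[0]); return 2; }
    uid_t uid = (uid_t)strtoul(argv[1], NULL, 10);
    gid_t gid = (gid_t)strtoul(argv[2], NULL, 10);
    printf("supplementary groups before drop: %d\n", count_supplementary_groups());
    if (drop_privileges(uid, gid) != 0) { perror("drop_privileges"); return 1; }
    printf("supplementary groups after drop:  %d\n", count_supplementary_groups());
    int fd = open_regular_file(argv[3]);
    if (fd < 0) { perror("open_regular_file"); return 1; }
    printf("opened %s as uid %u\n", argv[3], (unsigned)geteuid());
    close(fd);
    return 0;
}
```

Started as root with, for example, `./privdrop 33 33 /var/www/index.html`, the second printed count is 0; with drop_privileges_incomplete() in its place the count would stay at whatever root's group list was, which is the condition the report describes. The verification step after the drop is cheap and is the check a practitioner should keep in production code, since setuid()/setgroups() failures are otherwise silent.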