oss-sec mailing list archives
Re: [Openvas-devel] [oss-security] CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled
From: Tim Brown <timb () openvas org>
Date: Fri, 9 Sep 2011 23:05:24 +0100
On Friday 09 Sep 2011 22:07:34 Jan-Oliver Wagner wrote:
What frightens me is that a security advisory about OpenVAS 2 (a already deprecated version) made it even into official advisories of CERTs. The review process seems to not work as it should, no one ever checked back wether this version is deprecated. So it should be easy to get faked security alerts about some tools you don't like into official CERT advisories. Or am I getting something wrong here?
Jan, Whilst it's not a default compile time configuration option and whilst the conditions to exploit it are uncommon, the fact remains that there are two time of check, time of use (TOCTOU) vulnerabilities present in the code. Calling it fake is disingenous and does OpenVAS no credit. Whilst a CVE might be bad, a security project disputing the assignment looks even worse; especially since one (and the more serious) case was picked up internally. FWIW, the code concerned was present in trunk so it's not even true to say it only affects deprecated versions (never mind the fact that just because we no longer support something doesn't stop someone using it). Tim -- Tim Brown <mailto:timb () openvas org> <http://www.openvas.org/>
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Jan Lieskovsky (Sep 07)
- Re: CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Henri Doreau (Sep 07)
- Re: CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Tim Brown (Sep 07)
- Re: CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Josh Bressers (Sep 09)
- Re: [Openvas-devel] [oss-security] CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Jan-Oliver Wagner (Sep 09)
- Re: [Openvas-devel] [oss-security] CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Tim Brown (Sep 09)
- Re: CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Josh Bressers (Sep 09)