oss-sec mailing list archives
AW: parse_datetime() bug in coreutils
From: Fiedler Roman <Roman.Fiedler () ait ac at>
Date: Tue, 25 Nov 2014 09:09:14 +0000
From: Seth Arnold [mailto:seth.arnold () canonical com]

Hello,

Fiedler Roman discovered that coreutils' parse_datetime() function has some flaws that may be exploitable if the date(1), touch(1), or potentially other programs, accept untrusted input for certain parameters.

As some people won't have a hard time correlating this: the issue was discovered while fixing the PHP session cleanup code running with root privileges, which, apart from the symlink issues, could in my opinion also allow passing a single but arbitrary parameter to touch, see [1].
[Snip]
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766147