Full Disclosure mailing list archives
[ GLSA 200711-12 ] Tomboy: User-assisted execution of arbitrary code
From: Pierre-Yves Rofes <py () gentoo org>
Date: Thu, 08 Nov 2007 20:46:43 +0100
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200711-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Tomboy: User-assisted execution of arbitrary code
      Date: November 08, 2007
      Bugs: #189249
        ID: 200711-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Tomboy doesn't properly handle environment variables, potentially allowing a local attacker to execute arbitrary code.

Background
==========

Tomboy is a GTK-based desktop note-taking application written in C# and running on the Mono runtime.

Affected packages
=================

    -------------------------------------------------------------------
     Package          /  Vulnerable  /                       Unaffected
    -------------------------------------------------------------------
  1  app-misc/tomboy      < 0.8.1-r1                        >= 0.8.1-r1

Description
===========

Jan Oravec reported that the "/usr/bin/tomboy" script sets the "LD_LIBRARY_PATH" environment variable incorrectly, which might result in the current working directory (.) being included when searching for the dynamically linked libraries of the Mono Runtime application.

Impact
======

A local attacker could entice a user into running Tomboy in a directory containing a specially crafted library file to execute arbitrary code with the privileges of the user running Tomboy.

Workaround
==========

Do not run Tomboy from an untrusted working directory.
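The root cause named in the Description is a classic shell slip: prepending a directory to an unset LD_LIBRARY_PATH leaves a trailing ":", and the dynamic loader treats that empty entry as the current working directory. The following is an added illustration, not the actual Gentoo wrapper script; the library directory and variable values are constructed. It shows the weak pattern beside the hardened one and a check that flags any search path which would make ld.so look in ".".

```shell
#!/bin/sh
# Constructed example: how a wrapper script can accidentally add "." to the
# library search path, and how to build the path so that cannot happen.

# Vulnerable pattern: unconditionally join with ':'. When $2 (the inherited
# LD_LIBRARY_PATH) is empty the result ends in ':', i.e. an empty entry.
weak_prepend() {
    printf '%s\n' "$1:$2"
}

# Hardened pattern: emit the separator only when there is something to
# separate. ${2:+:$2} expands to ":$2" if $2 is non-empty, else to nothing.
safe_prepend() {
    printf '%s\n' "$1${2:+:$2}"
}

# Returns 0 (true) when a search-path string would make the loader search the
# current directory: an empty entry (leading ':', trailing ':', or '::') or an
# explicit '.' entry. An entirely empty variable is ignored by the loader, so
# it is reported as safe.
searches_cwd() {
    case "$1" in
        "") return 1 ;;
        :*|*:|*::*|.|.:*|*:.|*:.:*) return 0 ;;
        *) return 1 ;;
    esac
}

# Audit helper: report verdict for one candidate value.
report() {
    if searches_cwd "$1"; then
        printf 'UNSAFE  %s\n' "\"$1\""
    else
        printf 'ok      %s\n' "\"$1\""
    fi
}

# Demonstration with a constructed library directory and an unset inherited path.
libdir=/usr/lib/example-app   # placeholder, not Tomboy's real path
inherited=""                  # typical desktop session: variable unset
report "$(weak_prepend "$libdir" "$inherited")"
report "$(safe_prepend "$libdir" "$inherited")"
report "$(safe_prepend "$libdir" /opt/lib)"
```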
Resolution
==========

All Tomboy users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-misc/tomboy-0.8.1-r1"

References
==========

  [ 1 ] CVE-2005-4790
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4790

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200711-12.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security () gentoo org or alternatively, you may file a bug at http://bugs.gentoo.org.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5