oss-sec mailing list archives
Re: CVE id request: verlihub
From: Nico Golde <oss-security+ml () ngolde de>
Date: Sun, 28 Dec 2008 02:22:42 +0100
Hi, * Eygene Ryabinkin <rea-sec () codelabs ru> [2008-12-27 22:13]:
Wed, Dec 24, 2008 at 12:54:14PM -0500, Steven M. Christey wrote:====================================================== Name: CVE-2008-5706
[...]
The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/trigger.tmp temporary file.What about remote command execution via unsanitized user input?
[...] Covered by CVE-2008-5705. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Current thread:
- CVE id request: verlihub Raphael Geissert (Dec 16)
- Re: CVE id request: verlihub Steven M. Christey (Dec 24)
- Re: CVE id request: verlihub Eygene Ryabinkin (Dec 27)
- Re: CVE id request: verlihub Nico Golde (Dec 27)
- Re: CVE id request: verlihub Eygene Ryabinkin (Dec 27)
- Re: CVE id request: verlihub Steven M. Christey (Dec 24)