oss-sec mailing list archives
Re: CVE request: jhead
From: "Steven M. Christey" <coley () linus mitre org>
Date: Wed, 22 Oct 2008 13:00:23 -0400 (EDT)
So there are 4 CVE's overall (CVE-2008-4575 assigned earlier), with a SPLIT of the fixed DoCommand issues from the remaining unfixed issues. - Steve ====================================================== Name: CVE-2008-4575 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4575 Reference: MLIST:[oss-security] 20081015 Re: CVE request: jhead Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/15/6 Reference: CONFIRM:http://www.sentex.net/~mwandel/jhead/changes.txt Reference: CONFIRM:https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020 Reference: BID:31770 Reference: URL:http://www.securityfocus.com/bid/31770 Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows." ====================================================== Name: CVE-2008-4639 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4639 Reference: MLIST:[oss-security] 20081015 CVE request: jhead Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/15/5 Reference: MLIST:[oss-security] 20081015 Re: CVE request: jhead Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/15/6 Reference: MLIST:[oss-security] 20081016 Re: CVE request: jhead Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/16/3 Reference: CONFIRM:https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020 jhead.c in Matthias Wandel jhead before 2.84 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. ====================================================== Name: CVE-2008-4640 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4640 Reference: MLIST:[oss-security] 20081016 Re: CVE request: jhead Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/16/3 Reference: CONFIRM:https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020 The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character. ====================================================== Name: CVE-2008-4641 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4641 Reference: MLIST:[oss-security] 20081015 CVE request: jhead Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/15/5 Reference: MLIST:[oss-security] 20081015 Re: CVE request: jhead Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/15/6 Reference: MLIST:[oss-security] 20081016 Re: CVE request: jhead Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/16/3 Reference: CONFIRM:https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020 The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input.
Current thread:
- CVE request: jhead Jamie Strandboge (Oct 15)
- Re: CVE request: jhead Steven M. Christey (Oct 15)
- Re: CVE request: jhead John Dong (Oct 16)
- Re: CVE request: jhead Steven M. Christey (Oct 22)
- Re: CVE request: jhead Robert Buchholz (Nov 26)
- Re: CVE request: jhead John Dong (Oct 16)
- Re: CVE request: jhead Steven M. Christey (Oct 15)
- Re: CVE request: jhead Steven M. Christey (Oct 15)