oss-sec mailing list archives
CVE request for ecryptfs
From: Jamie Strandboge <jamie () canonical com>
Date: Thu, 23 Oct 2008 16:16:28 -0500
Hi, While reviewing ecryptfs, I discovered an information disclosure vulnerability in ecryptfs-setup-private and notified upstream. This helper script was known as ecryptfs-setup-confidential in earlier releases. The problem arises when ecryptfs-setup-private invokes ecryptfs-wrap-passphrase and ecryptfs-add-passphrase with command line arguments that include the user's existing login password as well as the newly created mount password. As a result, these passwords can be snooped in the process table. This script did not exist in ecryptfs before 45. The original script (ecryptfs-setup-pam-wrapped.sh) referenced in [1] that formed the basis for the scripts found in 45 is also vulnerable to this attack vector, so anyone shipping any of these scripts is affected. Upstream has fixed this in [2] (with a bugfix in [3]) by updating ecryptfs-add-passphrase and ecryptfs-wrap-passphrase to accept passwords on stdin, and adjusting ecryptfs-setup-private to use the builtin 'printf' function of the shell to pipe to these commands. The dash and bash shells are known to contain the 'printf' builtin. It is my understanding that upstream plans to release a new version incorporating this fix soon. I didn't see any distributions who have released with a vulnerable version of ecryptfs (or ecryptfs-setup-pam-wrapped.sh). Debian and Ubuntu [4] do have vulnerable versions in their development releases, and our ecryptfs developer has contacted the Debian maintainer directly. Thanks, Jamie [1] http://ecryptfs.sourceforge.net/ecryptfs-pam-doc.txt [2] http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=commit;h=06de99afd53f03fe07eda0ad9d61ac6d5d4d9f53 [3] http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=commit;h=0af27a5d514dc4bbc077f07cf33a5d5b362a9193 [4] https://launchpad.net/bugs/287908 -- Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE request for ecryptfs Jamie Strandboge (Oct 23)
- Re: CVE request for ecryptfs Tomas Hoger (Oct 29)
- Re: CVE request for ecryptfs Jamie Strandboge (Oct 29)
- Re: CVE request for ecryptfs Tomas Hoger (Oct 29)