oss-sec mailing list archives
CVE-2009-3297 samba/ncpfs/fuse issues granted individual 2010 CVE names?
From: Vincent Danen <vdanen () redhat com>
Date: Tue, 2 Mar 2010 13:52:05 -0700
* [2010-03-02 13:05:28 -0500] nobody () redhat com via RT wrote: Hi, Steve. I'm confused about these three CVEs, particularly since CVE-2009-3297 was assigned to this issue (I suppose it would be more correct to have 3 CVEs for the issue, but I'm not sure then why CVE-2009-3297 was completely ignored unless you intend for it to be not used/duplicated to one of these?). I'm also confused on using a 2010-based name since our bugzilla entry is dated 2009-11-04, and Samba upstream has their reported dated 2009-10-28, so these should have received 2009-based names. We've used CVE-2009-3297 all over the place so it's pretty hard to miss. Looking at the references just for the samba issue (your CVE-2010-0787), all of the references except the git commits refer to CVE-2009-3297. Can you clarify why this was done? CC'ing oss-security in case anyone else has noticed this as well. Thanks.
====================================================== Name: CVE-2010-0787 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20100302 Category: Reference: CONFIRM:http://git.samba.org/?p=samba.git;a=commit;h=3ae5dac462c4ed0fb2cd94553583c56fce2f9d80 Reference: CONFIRM:http://git.samba.org/?p=samba.git;a=commit;h=a0c31ec1c8d1220a5884e40d9ba6b191a04a24d5 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=532940 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=558833 Reference: CONFIRM:https://bugzilla.samba.org/show_bug.cgi?id=6853 Reference: FEDORA:FEDORA-2010-1190 Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034444.html Reference: FEDORA:FEDORA-2010-1218 Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034470.html Reference: UBUNTU:USN-893-1 Reference: URL:http://www.ubuntu.com/usn/USN-893-1 Reference: BID:37992 Reference: URL:http://www.securityfocus.com/bid/37992 Reference: SECUNIA:38286 Reference: URL:http://secunia.com/advisories/38286 Reference: SECUNIA:38308 Reference: URL:http://secunia.com/advisories/38308 Reference: SECUNIA:38357 Reference: URL:http://secunia.com/advisories/38357 Reference: XF:sambaclient-mountcifs-symlink(55944) Reference: URL:http://xforce.iss.net/xforce/xfdb/55944 client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. ====================================================== Name: CVE-2010-0788 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0788 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20100302 Category: Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=532940 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=558833 Reference: FEDORA:FEDORA-2010-1145 Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034403.html Reference: FEDORA:FEDORA-2010-1168 Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034422.html Reference: SECUNIA:38327 Reference: URL:http://secunia.com/advisories/38327 Reference: SECUNIA:38371 Reference: URL:http://secunia.com/advisories/38371 ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs. ====================================================== Name: CVE-2010-0789 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0789 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20100302 Category: Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567633 Reference: CONFIRM:http://sourceforge.net/projects/fuse/files/ReleaseNotes/fuse-2.8.3.html/view Reference: CONFIRM:http://sourceforge.net/projects/fuse/files/fuse-2.X/2.7.5/fuse-2.7.5.tar.gz/download Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=532940 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=558833 Reference: DEBIAN:DSA-1989 Reference: URL:http://www.debian.org/security/2010/dsa-1989 Reference: FEDORA:FEDORA-2010-1140 Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034518.html Reference: FEDORA:FEDORA-2010-1159 Reference: URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034580.html Reference: UBUNTU:USN-892-1 Reference: URL:http://www.ubuntu.com/usn/USN-892-1 Reference: BID:37983 Reference: URL:http://www.securityfocus.com/bid/37983 Reference: SECUNIA:38261 Reference: URL:http://secunia.com/advisories/38261 Reference: SECUNIA:38287 Reference: URL:http://secunia.com/advisories/38287 Reference: SECUNIA:38359 Reference: URL:http://secunia.com/advisories/38359 Reference: SECUNIA:38437 Reference: URL:http://secunia.com/advisories/38437 Reference: XF:fuse-fusermount-dos(55945) Reference: URL:http://xforce.iss.net/xforce/xfdb/55945 fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.
--Vincent Danen / Red Hat Security Response Team
Current thread:
- CVE-2009-3297 samba/ncpfs/fuse issues granted individual 2010 CVE names? Vincent Danen (Mar 02)
- Re: CVE-2009-3297 samba/ncpfs/fuse issues granted individual 2010 CVE names? Vincent Danen (Mar 02)
- Re: CVE-2009-3297 samba/ncpfs/fuse issues granted individual 2010 CVE names? Steven M. Christey (Mar 03)
- Re: CVE-2009-3297 samba/ncpfs/fuse issues granted individual 2010 CVE names? Vincent Danen (Mar 03)