oss-sec mailing list archives

CVE Request -- Beanstalkd (prior v1.4.6) -- Improper sanitization of job body (job payload data)


From: Jan Lieskovsky <jlieskov () redhat com>
Date: Wed, 02 Jun 2010 16:39:03 +0200

Hi Steve, vendors,

  Graham Barr reported that beanstalkd v1.4.5 and earlier improperly
sanitized job data sent together with the put command from a client.
A remote attacker, providing specially-crafted job data in a request,
could use this flaw to bypass the intended beanstalk client command
dispatch mechanism, leading to unauthorized execution of beanstalk
client commands.

References:
  [1] http://kr.github.com/beanstalkd/2010/05/23/1.4.6-release-notes.html
  [2] http://bugs.gentoo.org/show_bug.cgi?id=322457

Upstream changeset:
  [3] http://github.com/kr/beanstalkd/commit/2e8e8c6387ecdf5923dfc4d7718d18eba1b0873d

Could you allocate a CVE id for this?

Thanks && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
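
Added example, not part of the original message and not the upstream changeset: a minimal C sketch of the framing property the report concerns, namely that bytes declared as job data are consumed as data and never reach command dispatch, whether the job is stored or rejected. It assumes the beanstalkd `put <pri> <delay> <ttr> <bytes>\r\n<data>\r\n` framing; `process`, `struct tally`, `MAX_JOB_SIZE` and the sample bytes are constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_JOB_SIZE 8  /* assumed limit for this demo only */

struct tally { int dispatched, stored, rejected, dropped; };

/* Constructed sample: an 11-byte job body that looks like a command,
 * followed by one genuine command. */
static const char SAMPLE[] = "put 0 0 60 11\r\ndelete 42\r\n\r\nstats\r\n";

/* Walk one client's byte stream. Job data is skipped by its declared
 * length and never reaches the command dispatcher (counted, not run). */
static struct tally process(const char *buf, size_t len)
{
    struct tally t = {0, 0, 0, 0};
    size_t pos = 0;

    while (pos < len && !t.dropped) {
        size_t i = pos, n, bytes;
        unsigned pri, delay, ttr;
        char line[64], extra;

        while (i + 1 < len && !(buf[i] == '\r' && buf[i + 1] == '\n'))
            i++;
        if (i + 1 >= len) break;              /* incomplete line: wait for more */
        n = i - pos;
        if (n >= sizeof line) { t.dropped = 1; break; }
        memcpy(line, buf + pos, n);
        line[n] = '\0';
        pos = i + 2;

        if (strncmp(line, "put ", 4) != 0) { t.dispatched++; continue; }
        /* Digits and spaces only; fields capped at 9 digits in this demo. */
        if (strspn(line + 4, "0123456789 ") != n - 4 ||
            sscanf(line, "put %9u %9u %9u %9zu%c",
                   &pri, &delay, &ttr, &bytes, &extra) != 4) {
            t.dropped = 1;                    /* malformed put: close connection */
            break;
        }
        if (len - pos < 2 || bytes > len - pos - 2) break;  /* body incomplete */
        if (memcmp(buf + pos + bytes, "\r\n", 2) != 0) {
            t.dropped = 1;                    /* data overran its declared length */
            break;
        }
        if (bytes > MAX_JOB_SIZE) t.rejected++;   /* would reply JOB_TOO_BIG */
        else t.stored++;
        pos += bytes + 2;                     /* consume the data either way */
    }
    return t;
}
```

On the sample stream only `stats` is counted as a command; the command-shaped job body is skipped even though the job itself is rejected for size.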

