oss-sec mailing list archives
Re: Minor security flaw with pam_xauth
From: Josh Bressers <bressers () redhat com>
Date: Tue, 21 Sep 2010 16:02:47 -0400 (EDT)
----- "Solar Designer" <solar () openwall com> wrote:
Let's use CVE-2010-3430 for the missing setfsgid.

...and the missing setgroups().

Use CVE-2010-3431 for the missing return checks on setfsuid.

OK. BTW, I think this is not exploitable on current kernels, at least not via RLIMIT_NPROC (it does not apply to fsuid), yet it is desirable to check the return value from such syscalls.

What about the completely missing privilege switching in pre-1.1.2 (the bug found by Sebastian)? I don't recall if it already had a CVE id assigned or not.
Ugh, this has gone south on me. Since you have the best understanding of these, can you break them down with reasonable explanations and I'll assign IDs to whatever still needs them?

Thanks.

-- JB
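The three items discussed in this message (setgroups(), setfsgid(), and checking the result of setfsuid()) combined in one routine, as an added example that is not part of the original post and is not pam_xauth code. The helper name `switch_fs_identity` and its parameters are hypothetical; Linux with glibc is assumed.

```c
#define _GNU_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/fsuid.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: switch the filesystem identity to uid/gid before
 * touching a user's files. Returns 0 only if every step took effect.
 * On -1 the caller must not go on to access files: an earlier step may
 * already have been applied. */
int switch_fs_identity(uid_t uid, gid_t gid,
                       const gid_t *groups, size_t ngroups)
{
    /* Supplementary groups: without this step the caller's own groups
     * still count for file access checks. groups == NULL skips the step
     * (an assumption made here so unprivileged callers can run the rest). */
    if (groups != NULL && setgroups(ngroups, groups) != 0)
        return -1;

    /* setfsgid() and setfsuid() return the PREVIOUS id and do not report
     * failure, so the result has to be read back. Passing (id)-1 never
     * changes anything and returns the current value. */
    setfsgid(gid);
    if ((gid_t)setfsgid((gid_t)-1) != gid)
        return -1;

    setfsuid(uid);
    if ((uid_t)setfsuid((uid_t)-1) != uid)
        return -1;

    return 0;
}

int main(void)
{
    /* Constructed demo: switching to our own effective ids is always
     * permitted, so this is expected to succeed. */
    int rc = switch_fs_identity(geteuid(), getegid(), NULL, 0);
    printf("switch to own ids: %s\n", rc == 0 ? "ok" : "failed");
    return rc == 0 ? 0 : 1;
}
```

A privileged caller would pass the target user's group list (or an empty list) instead of NULL.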