Re: CVE request: arbitrary code exec in bcfg2

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/27/2012 12:32 PM, Vincent Danen wrote:
> bcfg2 suffers from an arbitrary code execution flaw due to the
> Trigger plugin.  Upstream has corrected the issue in git, but no
> released packages are available and it looks like this has been
> around for a while (indicated that 1.x is affected as well, up to
> and including the current 1.2.2 release).
>
> Looks like an authenticated remote root compromise (need to be able
> to log into bcfg2 to exploit it, and bcfg2 typically runs as
> root).
>
> Could a CVE be assigned to this please?
>
> References:
>
> http://permalink.gmane.org/gmane.comp.sysutils.bcfg2.devel/4539 
> http://trac.mcs.anl.gov/projects/bcfg2/changeset/a524967e8d5c4c22e49cd619aed20c87a316c0be
>
>  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=679272 
> https://bugzilla.redhat.com/show_bug.cgi?id=835985
>
> Thanks.

Please use CVE-2012-3366 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJP66UPAAoJEBYNRVNeJnmTMiEQAK8J+IZ7SNzjwnwFzqpMQxbV
UM6iv7vs9Y9a2MyIN1msCLEzQIKN/b+p/56vSBA1K1djD2mRslC5bABpxS1V2nVA
/E1sG5AF/jx4aNCH2dxcPUoWV+msPSgwpujHqVG2QHDfMZsTP/+ieY9e1aCdBumC
OdRiQkkFZG3f+yzGeSjdjOJse5APZorPrYPvR1jIxQIbn7BtgbRtW80y1Q4LWA4F
DUuevtfY43HPdCdauvUksobnjN7jMItDm/QJAnhuXtgRjb7RRCT9a6t+p44x+CDi
XqmHzfvTfi5xjw/2oncJf5lxtKVJhljn9R+5CeJlHn+/foVtb945EAMk+mSzqpVp
Ucpg8GXW5V0/W3hA7Ss/xBoN9BcSaI1daRC5+nmOAuBHIb+4yCqr2MYIl4rWlTz8
7BMMZsCBSmPtwKa1bCu3vr6+90GLZPh6hp5cIyc4Ls4zbIo7Rlqe8wS24CWGrS32
YyGQAfHE1dgq8TnGOZWpTYwBtT8BsU7vHiblMoq6EhjdaedLvXKqz2By2pm5/J19
us6IcIzlxVOjGlRONDDFRVpC6rgu73T7gde200TnGruHFB3TZT6ZuHbdRzzGl0Nj
bZvqxc5xnS7g3fva1ftN8dx+NcdW4VnFSH2x6QVuZwEPyyIHLOL5kBR0hznhmEBy
a5Q/V9QEy08qCiU5Gzj8
=KkK/
-----END PGP SIGNATURE-----