oss-sec mailing list archives
Re: CVE request: ibutils improper use of files in /tmp
From: "Larry W. Cashdollar" <larry0 () me com>
Date: Tue, 26 Mar 2013 12:10:31 +0000 (GMT)
Hi, I doubled checked this, it looks like this was already assigned CVE-2013-2561 On Mar 25, 2013, at 08:09 PM, Kurt Seifried <kseifried () redhat com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/25/2013 03:49 PM, Vincent Danen wrote: > It was reported on full-disclosure that ibutils suffers from > improper use of files /tmp that could allow a user to clobber files > as the user running ibutils (probably usually root). > > I didn't see a CVE request for this or anything show up here; if > one hasn't been assigned, could it be? > > Thanks. > > References: > > http://seclists.org/fulldisclosure/2013/Mar/87 > https://bugzilla.redhat.com/show_bug.cgi?id=927430 Please use CVE-2013-1894 for this issue.- -- Kurt Seifried Red Hat Security Response Team (SRT)PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRURF/AAoJEBYNRVNeJnmTLAEQAJAJTUMELV+Cb1TO5VZ3bPXi r+QmVkNQ3UmiOghXSrEli6xSam++o8BElOV0U8QvFNXgA+li+Q0cO2Q0Mr3tJul1 cN03uk2TqN23VE00zd6e+2cl+NNmNCe0b6qGuIJVjaz3CSMGGQ+IZXmbHFVxMeK3 fICzq94S0r/3PPhondXmX8QIaudaCa4pQey4dR0vWaIcoq7WN/QKk2p2zvDX+sVk +2wKg4tKTP3luIHlF53VRGlIW0jYryI6s7Lcen15gELMa3AbcgYNAqMmiGAUlBBJ lRe3W82FZM2vTh4fAjQU6hsmeXaJ6WYGg9btO4Br1Vubn3F5J6wChW8LTUMJaI7v MB9glPv7LdY+L+0qDpLWbdq0DlIWRmBDZNL7Mwvh4ZSJIsCTENdp+FgRNaNoCMWP uGybDpL3PIlam4XwhzYKgjMr31lwIc1nNzr6QVGRZOijSo+ZaLkV3It0ZG2a7JCf 41Gdqjer3gyN3zSH5WQ33GA/UT0QHchJYmf+AnEQROMhsOGIZBvTpMmkEOQmcS00 sp7omCvootJIAmaHesKIo1U3lwZ4kbIYO+j0dbl/lmHewoL0O/zmULL/BHwdZc5s S9EO7Qh/VZ03dM4rvnuRt3+zw+qWzzXqs1+wJS4IWMLKohbnHz364l3pLsQz2Gaa PP1j2t5J9pE9URLDnfwF =a+Xw -----END PGP SIGNATURE-----
Current thread:
- CVE request: ibutils improper use of files in /tmp Vincent Danen (Mar 25)
- Re: CVE request: ibutils improper use of files in /tmp Larry W. Cashdollar (Mar 25)
- Re: CVE request: ibutils improper use of files in /tmp Kurt Seifried (Mar 25)
- Re: CVE request: ibutils improper use of files in /tmp Larry W. Cashdollar (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Vincent Danen (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Vincent Danen (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Kurt Seifried (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Kurt Seifried (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Agostino Sarubbo (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Larry W. Cashdollar (Mar 26)