oss-sec mailing list archives
Re: [notification] CVE-2013-6888: uscan: remote code execution
From: Jakub Wilk <jwilk () debian org>
Date: Thu, 6 Feb 2014 14:27:04 +0100
* Raphael Geissert <geissert () debian org>, 2014-01-06, 11:57:
Two other changes were made that IMO should be considered as hardening: http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commitdiff;h=4b7e58ee6000cdefac0682601cec6ecce0137467
I believe that untarring files to a direct subdirectory of /tmp (at least without --keep-old-files) is a vulnerability, although admittedly with very low severity. If the tarball contained a "." file, then tar would change permissions of the destination directory, possibly making the directly accessible to other users. This is (similar to?) CWE-378.
http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commitdiff;h=b815aa438f018b5afc566eb403b0319a99a32995
As far as I can tell, this one is indeed hardening only. -- Jakub Wilk
Current thread:
- [notification] CVE-2013-6888: uscan: remote code execution Raphael Geissert (Jan 06)
- Re: [notification] CVE-2013-6888: uscan: remote code execution Jakub Wilk (Feb 06)
- Re: [notification] CVE-2013-6888: uscan: remote code execution cve-assign (Feb 12)
- Re: [notification] CVE-2013-6888: uscan: remote code execution Jakub Wilk (Feb 06)