Date: Tue, 6 Sep 2011 16:41:36 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: Jonathan Wiltshire <jmw@...ian.org>, coley <coley@...re.org> Subject: Re: CVE request for bcfg2 (remote root) Please use CVE-2011-3211 Thanks. -- JB ----- Original Message ----- > Hi, > > A bug report in Debian has come to light for which I can find no other > information, and therefore I do not believe it has a CVE - but > probably > should. > > From http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640028 : > > "All released stable versions of the bcfg2-server contain several > cases > where data from the client is used in a shell command without properly > escaping it first. The 1.2 prerelease series has been fixed. > > "At least the SSHbase plugin has been confirmed as being exploitable. > This is a remote root hole, which requires that the SSHbase plugin is > enabled and that the attacker has control of a bcfg2 client machine." > > A patch for the problem has been commited  upstream and backported >  to > the 1.1 series. > > 1: > https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7 > 2: > https://github.com/solj/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53 > > Please CC me, I am not subscribed. > > Thanks, > > -- > Jonathan Wiltshire jmw@...ian.org > Debian Developer http://people.debian.org/~jmw > > 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ