[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.51.0810221259240.25959@faron.mitre.org>
Date: Wed, 22 Oct 2008 13:00:23 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
cc: "Steven M. Christey" <coley@...us.mitre.org>,
Jamie Strandboge <jamie@...onical.com>
Subject: Re: CVE request: jhead
So there are 4 CVE's overall (CVE-2008-4575 assigned earlier), with a
SPLIT of the fixed DoCommand issues from the remaining unfixed issues.
- Steve
======================================================
Name: CVE-2008-4575
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4575
Reference: MLIST:[oss-security] 20081015 Re: CVE request: jhead
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/15/6
Reference: CONFIRM:http://www.sentex.net/~mwandel/jhead/changes.txt
Reference: CONFIRM:https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020
Reference: BID:31770
Reference: URL:http://www.securityfocus.com/bid/31770
Buffer overflow in the DoCommand function in jhead before 2.84 might
allow context-dependent attackers to cause a denial of service (crash)
via (1) a long -cmd argument and (2) unspecified vectors related to "a
bunch of potential string overflows."
======================================================
Name: CVE-2008-4639
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4639
Reference: MLIST:[oss-security] 20081015 CVE request: jhead
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/15/5
Reference: MLIST:[oss-security] 20081015 Re: CVE request: jhead
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/15/6
Reference: MLIST:[oss-security] 20081016 Re: CVE request: jhead
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/16/3
Reference: CONFIRM:https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020
jhead.c in Matthias Wandel jhead before 2.84 allows local users to
overwrite arbitrary files via a symlink attack on a temporary file.
======================================================
Name: CVE-2008-4640
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4640
Reference: MLIST:[oss-security] 20081016 Re: CVE request: jhead
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/16/3
Reference: CONFIRM:https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and
earlier allows local users to delete arbitrary files via vectors
involving a modified input filename in which (1) a final "z" character
is replaced by a "t" character or (2) a final "t" character is
replaced by a "z" character.
======================================================
Name: CVE-2008-4641
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4641
Reference: MLIST:[oss-security] 20081015 CVE request: jhead
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/15/5
Reference: MLIST:[oss-security] 20081015 Re: CVE request: jhead
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/15/6
Reference: MLIST:[oss-security] 20081016 Re: CVE request: jhead
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/16/3
Reference: CONFIRM:https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and
earlier allows attackers to execute arbitrary commands via shell
metacharacters in unspecified input.
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
