Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4C066D07.10007@redhat.com>
Date: Wed, 02 Jun 2010 16:39:03 +0200
From: Jan Lieskovsky <jlieskov@...hat.com>
To: "Steven M. Christey" <coley@...us.mitre.org>,
        oss-security <oss-security@...ts.openwall.com>
CC: Keith Rarick <kr@....us>
Subject: CVE Request -- Beanstalkd (prior v1.4.6) -- Improper sanitization
 of job body (job payload data)

Hi Steve, vendors,

   Graham Barr reported that beanstalkd v1.4.5 and earlier, improperly
sanitized job data, sent together with put command from client.
A remote attacker, providing a specially-crafted job data in request,
could use this flaw to bypass intended beanstalk client commands
dispatch mechanism, leading to unauthorized execution of beanstalk
client commands.

References:
   [1] http://kr.github.com/beanstalkd/2010/05/23/1.4.6-release-notes.html
   [2] http://bugs.gentoo.org/show_bug.cgi?id=322457

Upstream changeset:
   [3] http://github.com/kr/beanstalkd/commit/2e8e8c6387ecdf5923dfc4d7718d18eba1b0873d

Could you allocate a CVE id for this?

Thanks && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.