ports/129981: [vuxml] [patch] net-p2p/verlihub: document and fix CVE-2008-5706
Eygene Ryabinkin
rea-fbsd at codelabs.ru
Sun Dec 28 12:01:12 UTC 2008
Added reference to CVE-2008-5705 to the VuXML entry.
--- vuln.xml begins here ---
<vuln vid="4b2c603e-d456-11dd-84ec-001fc66e7203">
<topic>verlihub -- insecure temporary file usage and arbitrary command execution</topic>
<affects>
<package>
<name>verlihub</name>
<range><lt>0.9.8.d.r2_2,1</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Anonymous security researcher reports:</p>
<blockquote
cite="http://milw0rm.com/exploits/7183">
<p>Verlihub does not sanitize user input passed to the shell
via its "trigger" mechanism.</p>
</blockquote>
<p>Entry for CVE-2008-5706 says:</p>
<blockquote
cite="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5706">
<p>The cTrigger::DoIt function in src/ctrigger.cpp in the
trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and
earlier allows local users to overwrite arbitrary files via a
symlink attack on the /tmp/trigger.tmp temporary file.</p>
</blockquote>
</body>
</description>
<references>
<cvename>CVE-2008-5705</cvename>
<cvename>CVE-2008-5706</cvename>
<url>http://milw0rm.com/exploits/7183</url>
</references>
<dates>
<discovery>22-11-2008</discovery>
<entry>TODAY</entry>
</dates>
</vuln>
--- vuln.xml ends here ---
--
Eygene
_ ___ _.--. #
\`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard
/ ' ` , __.--' # to read the on-line manual
)/' _/ \ `-_, / # while single-stepping the kernel.
`-'" `"\_ ,_.-;_.-\_ ', fsc/as #
_.-'_./ {_.' ; / # -- FreeBSD Developers handbook
{_.-``-' {_/ #
More information about the freebsd-ports-bugs
mailing list