GNU Tar vulnerability
Josh Paetzel
josh at tcbug.org
Tue Nov 28 12:53:58 PST 2006
On Tuesday 28 November 2006 13:50, Sergey Matveychuk wrote:
> Josh Paetzel wrote:
> > On Tuesday 28 November 2006 11:17, Sergey Matveychuk wrote:
> >> Please, note: http://secunia.com/advisories/23115/
> >>
> >> A port maintainer CC'ed.
> >
> > This is one of those things where the impact is hard to determine
> > because the link doesn't really give much info. Ok, you can
> > overwrite arbitrary files.....ANY file? Or just files that the
> > user running gtar has write access to? If it's the first case
> > then that's huge. If it's the second case then who really cares.
>
> I'm sure it's the second case.
> I think it should concern root mostly. But any user would dislike it too if
> there is a chance to lose their .login, .bashrc, etc.
>
> An exploit is available on SecurityFocus.
hrmm....didn't really think this one through. I was looking at it
from the 'you have a local user who would want to root your box using
this' perspective. Looking at it from a different viewpoint,
say, 'you have someone who would like to do mean things from remote
by providing you with corrupt tar archives' puts a different spin on
it altogether.
--
Thanks,
Josh Paetzel
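The thread turns on the second threat model: a remote party hands you an archive, and extracting it writes to files the extracting user owns (.login, .bashrc and the like). The page does not say which header trick the advisory relies on, so the check below is an added, generic pre-extraction audit written for this discussion, not code from the original post or from the tar project. It constructs a small in-memory archive with three member kinds an attacker would use to escape the extraction directory (a name containing "..", a symlink pointing outside the tree, and a regular file written through that symlink) and flags each before anything touches disk. The member names and the "/home/victim" link target are constructed sample data.

```python
import io
import os
import tarfile

# Constructed placeholder for where an attacker would aim the symlink;
# any directory outside the extraction tree works the same way.
ATTACKER_LINK_TARGET = "/home/victim"


def build_sample_archive():
    """Construct, in memory, an archive of the kind a remote attacker might
    send: one harmless file, one traversal name, and a symlink out of the
    tree followed by a file whose path runs through that symlink. This is
    sample data built for the example, not the advisory's actual archive."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        def add_file(name, data):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))

        add_file("project/README", b"harmless\n")
        # Classic traversal: lands one level above the extraction directory.
        add_file("../.bashrc", b"echo pwned\n")
        # Symlink escaping the tree, then a file written through it.
        link = tarfile.TarInfo("project/home")
        link.type = tarfile.SYMTYPE
        link.linkname = ATTACKER_LINK_TARGET
        tf.addfile(link)
        add_file("project/home/.login", b"echo pwned\n")
    return buf.getvalue()


def _inside(path, dest):
    return path == dest or path.startswith(dest + os.sep)


def audit_archive(data, dest="."):
    """Return [(member name, reason)] for members that a naive extraction
    into dest would write outside dest. Symlinks that leave the tree are
    remembered so that later members whose path passes through them are
    flagged as well, even though their own names look innocent."""
    dest = os.path.realpath(dest)
    findings = []
    escaping_links = {}  # archive path of symlink -> resolved target

    with tarfile.open(fileobj=io.BytesIO(data), mode="r") as tf:
        for m in tf:
            name = m.name
            # realpath normalises "..", so a traversal name resolves above dest.
            target = os.path.realpath(os.path.join(dest, name))
            if os.path.isabs(name) or not _inside(target, dest):
                findings.append((name, "path escapes destination"))
                continue

            if m.issym():
                ltarget = m.linkname
                if not os.path.isabs(ltarget):
                    # Relative link targets resolve from the link's own directory.
                    ltarget = os.path.join(os.path.dirname(target), ltarget)
                ltarget = os.path.realpath(ltarget)
                if not _inside(ltarget, dest):
                    findings.append((name, "symlink target outside destination"))
                    escaping_links[name] = ltarget
                continue

            # A regular file is only as safe as every directory on its path.
            for lname in escaping_links:
                if name.startswith(lname + "/"):
                    findings.append((name, "written through escaping symlink " + lname))
                    break
    return findings


if __name__ == "__main__":
    for member, why in audit_archive(build_sample_archive()):
        print("REFUSE %-22s %s" % (member, why))
```

Run the audit before extraction and refuse the whole archive if it returns anything; silently skipping bad members is not enough, because the symlink trick only needs one earlier member to survive. Newer Python releases (3.12, and the backports of PEP 706) let `tarfile.extractall(..., filter="data")` reject these cases for you, which is the same policy applied at extraction time.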
More information about the freebsd-security mailing list