Public bug reported: Binary package hint: opendchub
This was reported to full-disclosure: http://www.indahax.com/exploits/opendchub-0-8-1-remote-code-execution-exploit#more-600 The exploit does not give shell in lucid version (0.8.0) but it will cause the daemon to crash: $ gdb -q (gdb) att 8503 Attaching to process 8503 Reading symbols from /usr/bin/opendchub...(no debugging symbols found)...done. Reading symbols from /usr/lib/libperl.so.5.10...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libperl.so.5.10 Reading symbols from /lib/libdl.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libdl.so.2 Reading symbols from /lib/libm.so.6...(no debugging symbols found)...done. Loaded symbols for /lib/libm.so.6 Reading symbols from /lib/libpthread.so.0...(no debugging symbols found)...done. [Thread debugging using libthread_db enabled] Loaded symbols for /lib/libpthread.so.0 Reading symbols from /lib/libc.so.6...(no debugging symbols found)...done. Loaded symbols for /lib/libc.so.6 Reading symbols from /lib/libcrypt.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libcrypt.so.1 Reading symbols from /lib/libcap.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libcap.so.2 Reading symbols from /lib/libnsl.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libnsl.so.1 Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/ld-linux-x86-64.so.2 Reading symbols from /lib/libattr.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libattr.so.1 Reading symbols from /lib/libnss_compat.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libnss_compat.so.2 Reading symbols from /lib/libnss_nis.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libnss_nis.so.2 Reading symbols from /lib/libnss_files.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libnss_files.so.2 0x00007ff5e1825f18 in poll () from /lib/libc.so.6 (gdb) c Continuing. Program received signal SIGPIPE, Broken pipe. 0x00007ff5e18244c0 in write () from /lib/libc.so.6 (gdb) c Continuing. Program received signal SIGABRT, Aborted. 0x00007ff5e177fa75 in raise () from /lib/libc.so.6 (gdb) c Continuing. Program terminated with signal SIGABRT, Aborted. The program no longer exists. I have applied a patch from upstream which solves the problem. Package builds, installs and runs cleanly in lucid chroot. ** Affects: opendchub (Ubuntu) Importance: Undecided Status: New -- OpenDcHub 0.8.1 Remote Code Execution Exploit https://bugs.launchpad.net/bugs/576507 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
