Bug#453239: scanbuttond: CVE-2007-6131 possible symlink attack
Hi! From my previous mail regarding this issue sent elsewhere: This issue may not affect other vendors. From quick look over Debian/Ubuntu packages, they do not seem affected, as default buttonpressed.sh script has almost all content commented out (just a template / example) and daemon does not seem to be run. buttonpressed.sh in Debian package contains examples, which, when uncommented by system administrator, can introduce this problem. HTH -- Tomas Hoger
Bug#453239: scanbuttond: CVE-2007-6131 possible symlink attack
Well, the buttonpressed.sh script is clearly intended just as a piece of documentation with quick tips for systems without untrusted users (typically home computers). A system administrator who would just blindly uncomment the examples on a server with common user accounts should better spend his time by administering operating systems other than Debian GNU/* :-). So I'll just add a big warning about this to the script comments and README.Debian. Is it sufficient or do you think anything more is necessary? Regards, Milan Zamazal -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#453239: scanbuttond: CVE-2007-6131 possible symlink attack
Hi Milan, * Milan Zamazal [EMAIL PROTECTED] [2007-11-28 21:03]: Well, the buttonpressed.sh script is clearly intended just as a piece of documentation with quick tips for systems without untrusted users (typically home computers). A system administrator who would just blindly uncomment the examples on a server with common user accounts should better spend his time by administering operating systems other than Debian GNU/* :-). So I'll just add a big warning about this to the script comments and README.Debian. Is it sufficient or do you think anything more is necessary? Nope, sounds good. I marked this as unimportant in the tracker. Thanks for looking more into it. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpA8hthOq9KH.pgp Description: PGP signature
Bug#453239: scanbuttond: CVE-2007-6131 possible symlink attack
Package: scanbuttond Severity: 0.2.3-4 Tags: security Hi, the following CVE (Common Vulnerabilities Exposures) id was published for scanbuttond. CVE-2007-6131[0]: | buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite | arbitrary files via a symlink attack on the (1) scan.pnm and (2) | scan.jpg temporary files. If you fix this vulnerability please also include the CVE id in your changelog entry. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6131 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpDziLbTaZu8.pgp Description: PGP signature