bug-cpio
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-cpio] Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229

From: Clint Adams
Subject: [Bug-cpio] Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229
Date: Thu, 29 Sep 2005 10:15:04 -0400
User-agent: Mutt/1.5.9i 
Ubuntu has written a patch to address the following two security issues.

| Imran Ghory found a race condition in the handling of output files.
| While a file was unpacked with cpio, a local attacker with write
| permissions to the target directory could exploit this to change the
| permissions of arbitrary files of the cpio user. (CAN-2005-1111)
| 
| Imran Ghory discovered a path traversal vulnerability. Even when the
| --no-absolute-filenames option was specified, cpio did not filter out
| ".." path components. By tricking an user into unpacking a malicious
| cpio archive, this could be exploited to install files in arbitrary
| paths with the privileges of the user calling cpio. (CAN-2005-1229)

They have it here:

http://patches.ubuntu.com/patches/cpio.CAN-2005-1111_1229.diff
reply via email to
[Prev in Thread] Current Thread [Next in Thread]