[CVE-2005-0023] /usr/sbin/gnome-pty-helper: writes arbitrary utmp records
Bug #22052 reported by
Debian Bug Importer
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Gnome Virtual Terminal Emulator |
Expired
|
High
|
|||
libzvt (Debian) |
Fix Released
|
Unknown
|
|||
libzvt (Ubuntu) |
Won't Fix
|
Low
|
Unassigned | ||
vte (Debian) |
Fix Released
|
Unknown
|
|||
vte (Ubuntu) |
Triaged
|
Medium
|
Unassigned |
Bug Description
Automatically imported from Debian bug report #329156 http://
http://
CVE References
Changed in gnome-libs: | |
status: | Unconfirmed → Confirmed |
Changed in vte: | |
status: | New → Triaged |
Changed in gnome-libs: | |
importance: | Unknown → High |
affects: | gnome-libs → vte |
affects: | gnome-libs (Debian) → vte (Debian) |
information type: | Public → Public Security |
Changed in vte: | |
status: | Confirmed → Expired |
Changed in vte (Debian): | |
status: | Confirmed → Fix Released |
Changed in vte (Debian): | |
status: | Fix Released → Unknown |
Changed in libzvt (Ubuntu): | |
importance: | Undecided → Low |
status: | New → Won't Fix |
Changed in vte (Debian): | |
status: | Unknown → Confirmed |
Changed in libzvt (Debian): | |
status: | Unknown → Fix Released |
Changed in vte (Debian): | |
status: | Confirmed → Fix Released |
To post a comment you must log in.
On Tue, Sep 20, 2005 at 09:01:20AM +1000, Paul Szabo wrote: gnome-pty- helper
> Package: libzvt2
> Version: 1.4.2-19
> Severity: critical
> File: /usr/sbin/
> Justification: root security hole
> gnome-pty-helper can be made to write utmp/wtmp records with arbitrary
> DISPLAY (host) settings. I am not sure if it can be tricked into erasing
> existing records.
Why is this filed at severity: critical? What is the attack vector here
which permits root privilege escalation?
-- www.debian. org/
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
<email address hidden> http://