CVE-2012-3386 automake: locally exploitable "make distcheck" bug
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
automake (Debian) | Fix Released | Unknown | | |
automake (Fedora) | Fix Released | Low | | |
automake (Ubuntu) | Incomplete | Low | Unassigned | |
Bug Description
Stefano Lattarini discovered a vulnerability in automake
that is much like the one that prompted CVE-2009-4029:
automake's distcheck rule makes distdir briefly world-writable.
Stefano also wrote the patch below.
This bug is slightly more limited because it affects only the
"make distcheck" rule, while CVE-2009-4029 affected all dist* rules.
The point is that with these temporarily-relaxed directory permissions,
an attacker can cause the person running "make distcheck" in an attacker-
accessible (o+rx, or possibly only o+x) directory to run arbitrary code.
Version-Release number of selected component (if applicable):
everything prior to v1.12.1-
How reproducible:
The directory is world-writable only briefly, but the flaw is
exploitable.
http://
visibility: | private → public |
Changed in automake (Ubuntu): | |
status: | New → Triaged |
importance: | Undecided → Low |
Changed in automake (Debian): | |
status: | Unknown → Fix Released |
Changed in automake (Fedora): | |
importance: | Unknown → Low |
status: | Unknown → Fix Released |
Changed in automake (Ubuntu): | |
status: | Triaged → Incomplete |
Description of problem:
Stefano Lattarini discovered a vulnerability in automake
that is much like the one that prompted CVE-2009-4029:
automake's distcheck rule makes distdir briefly world-writable.
Stefano also wrote the patch below.
This bug is slightly more limited because it affects only the
"make distcheck" rule, while CVE-2009-4029 affected all dist* rules.
The point is that with these temporarily-relaxed directory permissions,
an attacker can cause the person running "make distcheck" in an attacker-
accessible (o+rx, or possibly only o+x) directory to run arbitrary code.
Version-Release number of selected component (if applicable):
everything prior to v1.12.1-214-g15b8b62
How reproducible:
The directory is world-writable only briefly, but the flaw is
exploitable.
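
The report describes a distcheck recipe that briefly makes distdir world-writable. The following is an added example, not part of the bug report or of automake's patch: a small audit that flags recipe lines in a Makefile whose `chmod` grants write access to "other" on anything under `$(distdir)`, covering both symbolic and octal modes. The function names and the sample recipes are assumptions constructed for illustration.

```python
import re

# Constructed sample recipes for illustration; not copied from a real Makefile.in.
SAMPLE = (
    "distcheck: dist\n"
    "\tchmod -R a-w $(distdir); chmod a+w $(distdir)\n"
    "\tmkdir $(distdir)/_build\n"
    "distcheck-fixed: dist\n"
    "\tchmod -R a-w $(distdir)\n"
    "\tchmod u+w $(distdir)\n"
    "dist-old:\n"
    "\t-find $(distdir) -type d -exec chmod 777 {} \\;\n"
)

CHMOD = re.compile(r"\bchmod\s+(?:-[A-Za-z]+\s+)*(\S+)")
CLAUSE = re.compile(r"([ugoa]*)((?:[-+=][rwxXst]*)+)")

def grants_other_write(mode):
    """True if the chmod mode operand sets the write bit for 'other'."""
    if re.fullmatch(r"[0-7]{1,4}", mode):
        return bool(int(mode, 8) & 0o002)
    granted = False
    for clause in mode.split(","):
        m = CLAUSE.fullmatch(clause)
        if not m:
            return False  # not a literal mode (e.g. a make variable): unknown
        who, ops = m.groups()
        if not (set(who) & {"o", "a"}):
            continue  # empty 'who' is umask-filtered; only explicit o/a counted
        for op, perms in re.findall(r"([-+=])([rwxXst]*)", ops):
            if "w" in perms:
                granted = op != "-"
            elif op == "=":
                granted = False
    return granted

def scan(makefile_text):
    """Return (line_number, recipe_line) pairs that open $(distdir) to others."""
    hits = []
    for n, line in enumerate(makefile_text.splitlines(), 1):
        if not line.startswith("\t") or "$(distdir)" not in line:
            continue  # only recipe lines that touch the dist directory
        if any(grants_other_write(m) for m in CHMOD.findall(line)):
            hits.append((n, line.strip()))
    return hits

if __name__ == "__main__":
    for n, line in scan(SAMPLE):
        print(f"line {n}: {line}")
```

The scan is line-based, so a `chmod` whose `$(distdir)` argument sits on a backslash-continued line is not matched.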