gypsy opens arbitrary files, has unchecked buffer overflows
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Gypsy |
Fix Released
|
Critical
|
|||
gypsy (Fedora) |
Invalid
|
Medium
|
|||
gypsy (Suse) |
Fix Released
|
Medium
|
|||
gypsy (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Maverick |
Fix Released
|
High
|
Unassigned | ||
Natty |
Fix Released
|
High
|
Unassigned | ||
Oneiric |
Fix Released
|
High
|
Unassigned |
Bug Description
Regular users can request that arbitrary files be opened for reading. In the best case, this is a denial of service. Worst-case, this could lead to information disclosure or privilege escalation.
** (gypsy-
** (gypsy-
** (gypsy-
** (gypsy-
** (gypsy-
open("/etc/shadow", O_RDONLY|
open("/etc/shadow", O_RDWR|
** (gypsy-
There appear to be unchecked buffer overflows as well in gps_channel_
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: gypsy-daemon 0.8-0ubuntu1
ProcVersionSign
Uname: Linux 2.6.37-9-generic x86_64
Architecture: amd64
Date: Tue Dec 14 11:23:26 2010
ProcEnviron:
LANGUAGE=en_US:en
PATH=(custom, user)
LANG=en_US.utf8
SHELL=/bin/bash
SourcePackage: gypsy
Changed in gypsy: | |
status: | Unknown → Confirmed |
Changed in gypsy (Suse): | |
importance: | Unknown → Medium |
status: | Unknown → Confirmed |
Changed in gypsy: | |
importance: | Unknown → Critical |
Changed in gypsy (Ubuntu Maverick): | |
importance: | Undecided → High |
Changed in gypsy (Ubuntu Natty): | |
importance: | Undecided → High |
Changed in gypsy (Ubuntu Oneiric): | |
importance: | Undecided → High |
Changed in gypsy (Ubuntu Maverick): | |
status: | New → Triaged |
Changed in gypsy (Ubuntu Natty): | |
status: | New → Triaged |
Changed in gypsy (Ubuntu Oneiric): | |
status: | New → Triaged |
Changed in gypsy (Ubuntu Oneiric): | |
status: | Triaged → Confirmed |
Changed in gypsy (Ubuntu Natty): | |
status: | Triaged → Confirmed |
Changed in gypsy (Ubuntu Maverick): | |
status: | Triaged → Confirmed |
Changed in gypsy: | |
status: | Confirmed → Fix Released |
Changed in gypsy (Suse): | |
status: | Confirmed → Fix Released |
Changed in gypsy (Fedora): | |
importance: | Unknown → Medium |
status: | Unknown → Invalid |
Reported to upstream on Dec 14th, never heard back. :(