ndiswrapper -r should check its argument

Bug #267715 reported by Georg Neis
Affects: ndiswrapper (Ubuntu)
Status: Triaged
Importance: Medium
Assigned to: Unassigned

Bug Description

"ndiswrapper -r $foo" doesn't do any checks but simply tries to delete /etc/ndiswrapper/$foo (and everything below). So, if $foo is something like ../bla, then it will try to delete /etc/bla.

ProblemType: Bug
Architecture: amd64
Date: Mon Sep 8 12:48:41 2008
DistroRelease: Ubuntu 8.04
NonfreeKernelModules: nvidia
Package: ndiswrapper-utils-1.9 1.50-1ubuntu1
PackageArchitecture: amd64
ProcEnviron:
 LC_CTYPE=en_US.UTF-8
 PATH=/home/username/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/X11R6/bin
 SHELL=/bin/zsh
SourcePackage: ndiswrapper
Uname: Linux 2.6.24-19-generic x86_64

Tags: apport-bug
Georg Neis (gn) wrote :
Przemek K. (azrael) wrote :

This bug is an upstream one and it would be quite helpful if somebody experiencing it could send the bug to the people writing the software. You can learn more about how to do this for various upstreams at https://wiki.ubuntu.com/Bugs/Upstream. Thanks in advance!

Upstream for ndiswrapper is: http://sourceforge.net/tracker/?group_id=93482&atid=604450

Jordon Bedwell (envygeeks) wrote :

This bug is far wider than the original submitter had originally assumed. After testing this bug for security (by recommendation) and validating it to see if it should be closed, I soon discovered I was able to delete /dev/null and /etc/ndiswrapper and any other directory I chose to delete using ndiswrapper -r. I have submitted this bug upstream as well, as this is a security bug.

https://sourceforge.net/tracker/?func=detail&aid=3342097&group_id=93482&atid=604450

Changed in ndiswrapper (Ubuntu):
status: New → Confirmed
Daniel T Chen (crimsun)
security vulnerability: no → yes
Changed in ndiswrapper (Ubuntu):
status: Confirmed → Triaged
importance: Undecided → Medium
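
One way to perform the argument check this report asks for before anything is deleted, written as shell functions. This is an added example, not ndiswrapper's own code: `safe_driver_dir`, `remove_driver` and the `CONF_DIR` override are hypothetical names, and the character allow-list for driver names is an assumption.

```shell
#!/bin/sh
# Added example (not ndiswrapper's code): validate the argument of a
# "remove driver" operation. CONF_DIR mirrors /etc/ndiswrapper from the
# report; the function names are hypothetical.
CONF_DIR="${CONF_DIR:-/etc/ndiswrapper}"

# Print the one directory that may be removed for driver name $1,
# or return 1 without printing anything.
safe_driver_dir() {
    name=$1
    # 1. Must be a single, non-empty path component: this rejects
    #    "../bla", absolute paths, "." and ".." outright.
    case "$name" in
        ''|.|..|*/*) return 1 ;;
    esac
    # 2. Allow-list of characters (assumption: driver names are simple).
    case "$name" in
        *[!A-Za-z0-9._-]*) return 1 ;;
    esac
    target="$CONF_DIR/$name"
    # 3. Must be an existing real directory, not a symlink that
    #    points somewhere outside the configuration directory.
    [ -d "$target" ] && [ ! -L "$target" ] || return 1
    # 4. Defence in depth: after resolving symlinks, the parent of the
    #    target must be the configuration directory itself.
    base=$(cd "$CONF_DIR" && pwd -P) || return 1
    parent=$(cd "$target/.." && pwd -P) || return 1
    [ "$parent" = "$base" ] || return 1
    printf '%s\n' "$target"
}

# Remove an installed driver only if its name passed every check.
remove_driver() {
    dir=$(safe_driver_dir "$1") || {
        echo "refusing to remove '$1': not an installed driver" >&2
        return 1
    }
    rm -rf -- "$dir"
}
```
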
This report contains Public Security information  
Everyone can see this security related information.
