2012-01-06 13:43:16 |
Julian Taylor |
bug |
|
|
added bug |
2012-01-06 13:45:21 |
Julian Taylor |
bug |
|
|
added subscriber newbuntu |
2012-01-06 13:45:58 |
Julian Taylor |
description |
wakeup uses temporary files insecurely in multiple places in the code.
e.g. this code in data/scripts/wakeup:67 is probably exploitable to place arbitrary code into root's crontab.
tmpfile=/tmp/wake
eval "$dosudo crontab -l >$tmpfile"
snoozetime=$(date -d "+$snooze min" "+%M %H %d %m %w")
echo "$snoozetime /usr/bin/wakeup $1 $2 >/dev/null 2>&1"\
"#entered by setnextalarm" >>$tmpfile
eval "$dosudo crontab $tmpfile; rm $tmpfile"
There are also many uses of os.system which could be a problem, but I did not check if any of them are exploitable. |
wakeup uses temporary files insecurely in multiple places in the code.
e.g. this code in data/scripts/wakeup:67 is probably exploitable to place arbitrary code into root's crontab.
tmpfile=/tmp/wake
eval "$dosudo crontab -l >$tmpfile"
snoozetime=$(date -d "+$snooze min" "+%M %H %d %m %w")
echo "$snoozetime /usr/bin/wakeup $1 $2 >/dev/null 2>&1"\
"#entered by setnextalarm" >>$tmpfile
eval "$dosudo crontab $tmpfile; rm $tmpfile"
There are also many uses of os.system which could be a problem, but I did not check if any of them are exploitable.
affects 1.1-0ubuntu1 currently in oneiric and precise. |
|
2012-01-06 13:46:33 |
Julian Taylor |
description |
wakeup uses temporary files insecurely in multiple places in the code.
e.g. this code in data/scripts/wakeup:67 is probably exploitable to place arbitrary code into root's crontab.
tmpfile=/tmp/wake
eval "$dosudo crontab -l >$tmpfile"
snoozetime=$(date -d "+$snooze min" "+%M %H %d %m %w")
echo "$snoozetime /usr/bin/wakeup $1 $2 >/dev/null 2>&1"\
"#entered by setnextalarm" >>$tmpfile
eval "$dosudo crontab $tmpfile; rm $tmpfile"
There are also many uses of os.system which could be a problem, but I did not check if any of them are exploitable.
affects 1.1-0ubuntu1 currently in oneiric and precise. |
wakeup uses temporary files insecurely in multiple places in the code.
e.g. this code in data/scripts/wakeup:67 is probably exploitable to place arbitrary code into root's crontab.
tmpfile=/tmp/wake
eval "$dosudo crontab -l >$tmpfile"
snoozetime=$(date -d "+$snooze min" "+%M %H %d %m %w")
echo "$snoozetime /usr/bin/wakeup $1 $2 >/dev/null 2>&1"\
"#entered by setnextalarm" >>$tmpfile
eval "$dosudo crontab $tmpfile; rm $tmpfile"
There are also many uses of os.system which could be a problem, but I did not check if any of them are exploitable.
affects 1.0-0ubuntu1 and 1.1-0ubuntu1. |
|
2012-01-11 15:30:56 |
Marc Deslauriers |
visibility |
private |
public |
|
2012-01-11 15:30:56 |
Marc Deslauriers |
visibility |
private |
public |
|
2012-01-11 15:30:57 |
Marc Deslauriers |
bug |
|
|
added subscriber Ubuntu Bugs |
2012-01-11 15:31:26 |
Marc Deslauriers |
wakeup (Ubuntu): status |
New |
Confirmed |
|
2012-01-11 15:31:33 |
Marc Deslauriers |
wakeup (Ubuntu): importance |
Undecided |
Medium |
|
2012-01-13 18:23:00 |
newbuntu |
wakeup (Ubuntu): status |
Confirmed |
Fix Committed |
|
2012-01-15 09:05:00 |
newbuntu |
wakeup (Ubuntu): status |
Fix Committed |
In Progress |
|
2012-02-07 19:24:41 |
newbuntu |
wakeup (Ubuntu): status |
In Progress |
Fix Committed |
|
2012-02-12 14:05:11 |
Launchpad Janitor |
wakeup (Ubuntu): status |
Fix Committed |
Fix Released |
|
2012-02-12 14:41:26 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/wakeup |
|
2012-02-20 18:17:53 |
newbuntu |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2012-02-21 08:19:00 |
Martin Pitt |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2012-02-21 08:19:06 |
Martin Pitt |
nominated for series |
|
Ubuntu Oneiric |
|
2012-02-21 08:19:06 |
Martin Pitt |
bug task added |
|
wakeup (Ubuntu Oneiric) |
|
2012-02-21 11:03:07 |
newbuntu |
wakeup (Ubuntu Oneiric): status |
New |
Fix Committed |
|
2013-05-21 21:38:49 |
Jamie Strandboge |
wakeup (Ubuntu Oneiric): status |
Fix Committed |
Won't Fix |
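
A hardened form of the crontab snippet quoted in the bug description, as an added example; it is not wakeup's code and not the fix that was committed for this bug. The function name `append_cron_entry` and the `CRONTAB` override variable are assumptions made here so the logic can be run against a stub instead of the real crontab(1).

```shell
#!/bin/sh
# Added example, not wakeup's code. CRONTAB is an assumed hook so the logic can
# be exercised against a stub; the report's script prefixes crontab with $dosudo.
CRONTAB=${CRONTAB:-crontab}

# Pattern from the report: tmpfile=/tmp/wake is a fixed name in a world-writable
# directory, so another local user can create it (or a symlink) in advance.

# append_cron_entry ENTRY: add one line to the current crontab.
# Returns 0 on success, 1 on temp/crontab failure, 2 if ENTRY is not one line.
append_cron_entry() {
    entry=$1
    nl='
'
    case $entry in
        ''|*"$nl"*) return 2 ;;   # empty or multi-line input: refuse
    esac

    # mktemp -d creates a new mode-0700 directory with an unpredictable name
    # and fails if the name already exists, so no other user can pre-create
    # or swap files inside it.
    workdir=$(mktemp -d "${TMPDIR:-/tmp}/wakeup.XXXXXXXXXX") || return 1
    tmpfile=$workdir/crontab
    rc=0

    # Assumption: a failing "crontab -l" means no crontab exists yet, so the
    # new crontab starts empty (the report's snippet behaves the same way).
    "$CRONTAB" -l >"$tmpfile" 2>/dev/null || : >"$tmpfile"
    printf '%s\n' "$entry" >>"$tmpfile" || rc=1
    if [ "$rc" -eq 0 ]; then
        "$CRONTAB" "$tmpfile" || rc=1
    fi

    rm -rf -- "$workdir"
    return "$rc"
}

# Constructed usage, mirroring the report's cron line (GNU date assumed):
#   when=$(date -d "+10 min" "+%M %H %d %m %w")
#   append_cron_entry "$when /usr/bin/wakeup user 0 >/dev/null 2>&1 #entered by setnextalarm"
```

Where no intermediate file is needed at all, piping the listing plus the new line into `crontab -` removes the temporary file from the design entirely.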
|