Ubuntu
suphp package

[CVE-2008-1614] privilege escalation via symlink attack

  1. Dapper (6.06)
  2. Bug #216245
Bug #216245 reported by William Grant
260
Affects Status Importance Assigned to Milestone
suphp (Debian)
Fix Released
Unknown
suphp (Ubuntu)
Fix Released
High
Unassigned
Dapper
Won't Fix
Undecided
Unassigned
Edgy
Won't Fix
Undecided
Unassigned
Feisty
Won't Fix
Undecided
Unassigned
Gutsy
Won't Fix
Undecided
Unassigned
Hardy
Fix Released
High
Unassigned

Bug Description

CVE-2008-1614 appears to affect all releases:

"suPHP before 0.6.3 allows local users to gain privileges via (1) a race condition that involves multiple symlink changes to point a file owned by a different user, or (2) a symlink to the directory of a different user, which is used to determine privileges."

Related branches

lp:ubuntu/karmic/suphp

CVE References

William Grant (wgrant)
Changed in suphp:
importance: Undecided → High
status: New → Confirmed
Revision history for this message
William Grant (wgrant) wrote :

Here's a debdiff for Hardy. I need a MOTU Release ack for this.

Changed in suphp:
status: Confirmed → New
Revision history for this message
StefanPotyra (sistpoty) wrote :

ACK for hardy.

Changed in suphp:
status: New → Confirmed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package suphp - 0.6.2-2ubuntu1

---------------
suphp (0.6.2-2ubuntu1) hardy; urgency=low

  * SECURITY UPDATE: privilege escalation via race condition (LP: #216245)
    - debian/patches/10_CVE-2008-1614.dpatch: Fix race condition in symlink
      handling. Patch from Debian.
    - References:
      + CVE-2008-1614
  * Modify Maintainer value to match the DebianMaintainerField
    specification.

 -- William Grant <email address hidden> Sat, 19 Apr 2008 21:12:27 +1000

Changed in suphp:
status: Confirmed → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in suphp:
status: Unknown → New
Bug Watch Updater (bug-watch-updater)
Changed in suphp:
status: New → Fix Released
Revision history for this message
Hew (hew) wrote :

Ubuntu Edgy Eft is no longer supported, so a SRU will not be issued for this release. Marking Edgy as Won't Fix.

Changed in suphp:
status: New → Won't Fix
Revision history for this message
Hew (hew) wrote :

Ubuntu Feisty Fawn is no longer supported, so a SRU will not be issued for this release. Marking Feisty as Won't Fix.

Changed in suphp:
status: New → Won't Fix
Revision history for this message
Sergio Zanchetta (primes2h) wrote :

The 18 month support period for Gutsy Gibbon 7.10 has reached its end of life -
http://www.ubuntu.com/news/ubuntu-7.10-eol . As a result, we are closing the
Gutsy task.

Changed in suphp (Ubuntu Gutsy):
status: New → Won't Fix
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. dapper has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against dapper is being marked "Won't Fix". Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.

Please feel free to report any other bugs you may find.

Changed in suphp (Ubuntu Dapper):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.