Package: verlihub
Severity: grave
Tags: security
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
An exploit[0] has been published for verlihub:
> Verlihub does not sanitize user input passed to the shell via its "trigger"
> mechanism. Furthermore, the Verlihub daemon can optionally be configured to
> run as root. This allows for the arbitrary execution of commands by users
> connected to the hub and, in the case of the daemon running as root,
> complete commandeering of the machine.
Also:
src/ctrigger.cpp line 108:
filename.append("/tmp/trigger.tmp");
A malicious user could prepare a /tmp/trigger.tmp file to cause serious
data loss or compromise the system.
Author provides a fix.
If you fix the vulnerability please also make sure to include the CVE id
(if available) in the changelog entry.
[0]http://milw0rm.com/exploits/7183
Giuseppe.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkkn4lMACgkQNxpp46476ar09wCeMT8YoPI+tozAdDQqmwBjAkcX
uUUAoI5tBGEPAYP+O7sOzDAvyPCE+8W5
=ZfcS
-----END PGP SIGNATURE-----
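As an added illustration of the two weaknesses named in the report above (this is example code, not verlihub's ctrigger.cpp and not the milw0rm exploit): a user string concatenated into a shell command line, and a fixed, predictable temp path under /tmp that a local user can pre-create, each shown next to a hardened counterpart. The program names, paths and helper names below are assumptions made for the demo; the symlink attack is carried out in a private scratch directory so it can be run safely.

```cpp
// Added example (not verlihub's code and not the milw0rm exploit): the two
// weaknesses the report names, each beside a hardened counterpart.
//   1. user text concatenated into a shell command line;
//   2. a fixed, predictable temp path under /tmp (like /tmp/trigger.tmp)
//      that a local user can pre-create, e.g. as a symlink to a victim file.
// Program names, paths and helper names are assumptions for the demo.
#include <cerrno>
#include <stdlib.h>
#include <string>
#include <vector>
#include <fcntl.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/wait.h>

// Insecure: builds a line that would be handed to a shell. Metacharacters in
// user_input are interpreted by the shell; "x; rm -rf /" would run rm.
std::string unsafe_command(const std::string& user_input) {
    return "/bin/echo " + user_input;
}

// Detection check for such input. Useful for logging, but rejecting characters
// is not the fix: not invoking a shell is.
bool has_shell_metachars(const std::string& s) {
    return s.find_first_of(";|&$`\\\"'<>()*?[]{}~\n") != std::string::npos;
}

// Hardened: execute the program directly with an argv. The user string becomes
// exactly one argument no matter what it contains. Returns the child's exit
// status, -1 on fork/wait failure, 127 if exec failed.
int run_no_shell(const std::vector<std::string>& argv) {
    std::vector<char*> cargv;
    for (const auto& a : argv) cargv.push_back(const_cast<char*>(a.c_str()));
    cargv.push_back(nullptr);
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execv(cargv[0], cargv.data());
        _exit(127);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

// Insecure: fixed name, O_CREAT without O_EXCL. If the path already exists as a
// symlink, open() follows it and the write lands in the link's target.
int open_fixed_tmp_unsafe(const std::string& path) {
    return open(path.c_str(), O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

// Hardened: mkstemp() creates a brand-new file (O_CREAT|O_EXCL, random suffix,
// mode 0600), so a pre-placed file or symlink can never be reused.
int open_tmp_safe(std::string& out_path) {
    char tmpl[] = "/tmp/trigger.XXXXXX";
    int fd = mkstemp(tmpl);
    if (fd >= 0) out_path = tmpl;
    return fd;
}

// Creates a safe temp file, checks it got the expected prefix, removes it.
bool safe_tmp_ok() {
    std::string p;
    int fd = open_tmp_safe(p);
    if (fd < 0) return false;
    close(fd);
    bool ok = p.compare(0, 13, "/tmp/trigger.") == 0;
    unlink(p.c_str());
    return ok;
}

// Demonstration of the symlink attack in a private scratch directory: plant
// "trigger.tmp" as a symlink to a victim file, then open it the unsafe way and
// with O_NOFOLLOW. Returns true when the unsafe open wrote through the link
// (victim grew) and the O_NOFOLLOW open refused with ELOOP.
bool symlink_attack_demo() {
    char dir[] = "/tmp/vhdemo.XXXXXX";
    if (!mkdtemp(dir)) return false;
    std::string victim = std::string(dir) + "/victim";
    std::string link = std::string(dir) + "/trigger.tmp";
    int vfd = open(victim.c_str(), O_WRONLY | O_CREAT, 0600);
    if (vfd < 0) return false;
    close(vfd);
    if (symlink(victim.c_str(), link.c_str()) != 0) return false;

    bool followed = false;
    int fd = open_fixed_tmp_unsafe(link);
    if (fd >= 0) {
        followed = write(fd, "owned", 5) == 5;
        close(fd);
        struct stat st;
        followed = followed && stat(victim.c_str(), &st) == 0 && st.st_size == 5;
    }
    int nf = open(link.c_str(), O_WRONLY | O_NOFOLLOW);
    bool refused = nf < 0 && errno == ELOOP;
    if (nf >= 0) close(nf);

    unlink(link.c_str());
    unlink(victim.c_str());
    rmdir(dir);
    return followed && refused;
}
```

The point of run_no_shell is that the hub-supplied text never reaches a shell parser at all, so no escaping or blacklist is needed; and mkstemp() removes the race entirely rather than checking for a pre-existing file first, which would still be exploitable between the check and the open.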