[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <43C7FFE2.3020804@merydion.com>
Date: Fri Jan 13 19:36:42 2006
From: amurkland at merydion.com (Austin Murkland)
Subject: Re: [ GLSA 200601-09 ] Wine: Windows Metafile
SETABORTPROC vulnerability
Can anyone else verify Steve Gibson's assertion that this flaw was
intentionally placed by Microsoft programmers?
http://www.grc.com/sn/SN-022.htm
Sune Kloppenborg Jeppesen wrote:
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> Gentoo Linux Security Advisory GLSA 200601-09
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> http://security.gentoo.org/
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
> Severity: Normal
> Title: Wine: Windows Metafile SETABORTPROC vulnerability
> Date: January 13, 2006
> Bugs: #118101
> ID: 200601-09
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
> Synopsis
> ========
>
> There is a flaw in Wine in the handling of Windows Metafiles (WMF)
> files, which could possibly result in the execution of arbitrary code.
>
> Background
> ==========
>
> Wine is a free implementation of Windows APIs for Unix-like systems.
>
> Affected packages
> =================
>
> -------------------------------------------------------------------
> Package / Vulnerable / Unaffected
> -------------------------------------------------------------------
> 1 app-emulation/wine < 20050930 >= 20050930
>
> Description
> ===========
>
> H D Moore discovered that Wine implements the insecure-by-design
> SETABORTPROC GDI Escape function for Windows Metafile (WMF) files.
>
> Impact
> ======
>
> An attacker could entice a user to open a specially crafted Windows
> Metafile (WMF) file from within a Wine executed Windows application,
> possibly resulting in the execution of arbitrary code with the rights
> of the user running Wine.
>
> Workaround
> ==========
>
> There is no known workaround at this time.
>
> Resolution
> ==========
>
> All Wine users should upgrade to the latest version:
>
> # emerge --sync
> # emerge --ask --oneshot --verbose ">=app-emulation/wine-20050930"
>
> References
> ==========
>
> [ 1 ] CVE-2006-0106
> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106
>
> Availability
> ============
>
> This GLSA and any updates to it are available for viewing at
> the Gentoo Security Website:
>
> http://security.gentoo.org/glsa/glsa-200601-09.xml
>
> Concerns?
> =========
>
> Security is a primary focus of Gentoo Linux and ensuring the
> confidentiality and security of our users machines is of utmost
> importance to us. Any security concerns should be addressed to
> security@...too.org or alternatively, you may file a bug at
> http://bugs.gentoo.org.
>
> License
> =======
>
> Copyright 2006 Gentoo Foundation, Inc; referenced text
> belongs to its owner(s).
>
> The contents of this document are licensed under the
> Creative Commons - Attribution / Share Alike license.
>
> http://creativecommons.org/licenses/by-sa/2.0
>
--
Austin Murkland
Network Admin.
Merydion Corporation
p. 626.337.0111 f. 626.608.0402
Powered by blists - more mailing lists