lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070814033255.GH7789@outflux.net>
Date: Mon, 13 Aug 2007 20:32:55 -0700
From: Kees Cook <kees@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-497-1] xfce4-terminal vulnerability

=========================================================== 
Ubuntu Security Notice USN-497-1            August 14, 2007
xfce4-terminal vulnerability
CVE-2007-3770
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  xfce4-terminal                           0.2.5+r21674-0ubuntu2.1

Ubuntu 6.10:
  xfce4-terminal                           0.2.5.4-0ubuntu2.1

Ubuntu 7.04:
  xfce4-terminal                           0.2.6-0ubuntu3.1

After a standard system upgrade you need to restart your session to
effect the necessary changes.

Details follow:

Lasse Kärkkäinen discovered that the Xfce Terminal did not correctly
escape shell meta-characters during "Open Link" actions.  If a remote
attacker tricked a user into opening a specially crafted URI, they could
execute arbitrary commands with the user's privileges.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5+r21674-0ubuntu2.1.diff.gz
      Size/MD5:     7892 902a748e0c0fe963aed9f62d7492247c
    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5+r21674-0ubuntu2.1.dsc
      Size/MD5:      982 7ab2af378e2db311101541887b3d899f
    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5+r21674.orig.tar.gz
      Size/MD5:  1719502 202f3d5364127ee2cd3434e7fecad5d2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5+r21674-0ubuntu2.1_amd64.deb
      Size/MD5:  1005574 5b196f5dc586000452233f215248423b

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5+r21674-0ubuntu2.1_i386.deb
      Size/MD5:   998716 7476e02c550b2876da957249e126ba91

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5+r21674-0ubuntu2.1_powerpc.deb
      Size/MD5:  1002380 eec3f73feb99b58aaef302ffa0cf24b8

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5+r21674-0ubuntu2.1_sparc.deb
      Size/MD5:  1000628 822e33229ad34eb7703051a8ea3eab88

Updated packages for Ubuntu 6.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5.4-0ubuntu2.1.diff.gz
      Size/MD5:     7764 6759a5320fc94d1c95d2fd68dbbf974d
    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5.4-0ubuntu2.1.dsc
      Size/MD5:      967 5556541b5e806d77a068018609d97674
    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5.4.orig.tar.gz
      Size/MD5:  1914192 858ff414d46c2bdd695da3874ef01090

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5.4-0ubuntu2.1_amd64.deb
      Size/MD5:  1010080 607dc6c46565dac2cfa378134e5d91e2

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5.4-0ubuntu2.1_i386.deb
      Size/MD5:  1004880 343ed30f5a69e7caeb081269c7300b31

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5.4-0ubuntu2.1_powerpc.deb
      Size/MD5:  1006248 2c3e3ff2ceb6711f055b4e1af3c28607

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.5.4-0ubuntu2.1_sparc.deb
      Size/MD5:  1004086 b7744640ce68f8f8d8763dee3414ffb8

Updated packages for Ubuntu 7.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.6-0ubuntu3.1.diff.gz
      Size/MD5:     8617 2ed6e7705918937831599b2c3d366777
    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.6-0ubuntu3.1.dsc
      Size/MD5:     1043 435a5294f568d44abbd907bec892e50e
    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.6.orig.tar.gz
      Size/MD5:  1989139 c93cc68cc7656dfcb57118a999b79242

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.6-0ubuntu3.1_amd64.deb
      Size/MD5:  1014248 8af1dd3b37a96344c3a892de94745867

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.6-0ubuntu3.1_i386.deb
      Size/MD5:  1008944 a3e14fefeecbc2b3128652b809c5a27a

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.6-0ubuntu3.1_powerpc.deb
      Size/MD5:  1019758 fd1f70e5262180924f1f741f8abf79b7

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/x/xfce4-terminal/xfce4-terminal_0.2.6-0ubuntu3.1_sparc.deb
      Size/MD5:  1012044 3539fef005cc32fa15e331870b3313bb


Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ