lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4a6942471003240707g27be9df9m9a1807c00b26fbd2@mail.gmail.com>
Date: Wed, 24 Mar 2010 10:07:46 -0400
From: Dan Rosenberg <dan.j.rosenberg@...il.com>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: Multiple vulnerabilities in Deliver

==================================
 Deliver, multiple vulnerabilites
 March 24, 2010
 CVE-2010-0439
==================================

==Description==

Deliver (http://deliver.sourceforge.net/), a mail delivery program installed
suid
root as /usr/bin/deliver, is vulnerable to several race conditions that can
be
exploited by a local attacker using symbolic links.  On systems using
Deliver
over NFS, these attacks can result in gaining root privileges via taking
ownership
of critical system files.  On other systems, these attacks can result in
denial-of-service conditions and information disclosure.  In addition, users
can
deny service to other users by creating lockfiles for other users'
mailboxes.

==Solution==

Users are advised to discontinue use of Deliver in the absence of a patch or
new release from the developer.

==Credits==

These vulnerabilities were discovered by Dan Rosenberg
(dan.j.rosenberg@...il.com).

==Timeline==

1/14/10 - Vulnerabilities discovered
1/27/10 - Developer notified
1/27/10 - Developer response, fix planned
3/20/10 - Fix deadlines repeatedly passed, disclosure date set at 3/24/10
3/24/10 - Disclosure

==References==

CVE identifier CVE-2010-0439 has been assigned to these issues.

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ