[Pkg-acpi-devel] Bug#560771: acpid: CVE-2009-4235: weak permissions on /var/log/acpid
Nico Golde
nion at debian.org
Sat Dec 12 18:53:09 UTC 2009
severity 560771 important
thanks
* Raphael Geissert <geissert at debian.org> [2009-12-12 13:23]:
> Package: acpid
> Version: 1.0.4-5
> Severity: grave
> Tags: security
>
> Hi,
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for acpid.
>
> CVE-2009-4235[0]:
> | acpid 1.0.4 sets an unrestrictive umask, which might allow local users
> | to leverage weak permissions on /var/log/acpid, and obtain sensitive
> | information by reading this file or cause a denial of service by
> | overwriting this file, a different vulnerability than CVE-2009-4033.
>
> If you fix the vulnerability please also make sure to include the
> CVE id in your changelog entry.
>
> The vulnerability only seems to affect oldstable, but I noticed that none of
> the versions remove the log file, so the permissions of the file need to be
> fixed by all the other versions.
Lowering the severity as in a typical use case this file does not carry
sensitive information and is probably also not used in many scenarios where
the DoS vector is of great relevance.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-acpi-devel/attachments/20091212/60791209/attachment.pgp>
More information about the Pkg-acpi-devel
mailing list