[Pkg-acpi-devel] Bug#560771: acpid: CVE-2009-4235: weak permissions on /var/log/acpid

Nico Golde nion at debian.org
Sat Dec 12 18:53:09 UTC 2009

severity 560771 important

* Raphael Geissert <geissert at debian.org> [2009-12-12 13:23]:
> Package: acpid
> Version: 1.0.4-5
> Severity: grave
> Tags: security
> Hi,
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for acpid.
> CVE-2009-4235[0]:
> | acpid 1.0.4 sets an unrestrictive umask, which might allow local users
> | to leverage weak permissions on /var/log/acpid, and obtain sensitive
> | information by reading this file or cause a denial of service by
> | overwriting this file, a different vulnerability than CVE-2009-4033.
> If you fix the vulnerability please also make sure to include the
> CVE id in your changelog entry.
> The vulnerability only seems to affect oldstable, but I noticed that none of 
> the versions remove the log file, so the permissions of the file need to be 
> fixed by all the other versions.

Lowering the severity as in a typical use case this file does not carry 
sensitive information and is probably also not used in many scenarios where 
the DoS vector is of great relevance.

Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-acpi-devel/attachments/20091212/60791209/attachment.pgp>

More information about the Pkg-acpi-devel mailing list