[Pkg-acpi-devel] Bug#560771: acpid: CVE-2009-4235: weak permissions on /var/log/acpid
Raphael Geissert
geissert at debian.org
Sat Dec 12 19:10:38 UTC 2009
2009/12/12 Nico Golde <nion at debian.org>:
> severity 560771 important
> thanks
>
> * Raphael Geissert <geissert at debian.org> [2009-12-12 13:23]:
>> Package: acpid
>> Version: 1.0.4-5
>> Severity: grave
>> Tags: security
>>
>> Hi,
>> the following CVE (Common Vulnerabilities & Exposures) id was
>> published for acpid.
>>
>> CVE-2009-4235[0]:
>> | acpid 1.0.4 sets an unrestrictive umask, which might allow local users
>> | to leverage weak permissions on /var/log/acpid, and obtain sensitive
>> | information by reading this file or cause a denial of service by
>> | overwriting this file, a different vulnerability than CVE-2009-4033.
>>
>> If you fix the vulnerability please also make sure to include the
>> CVE id in your changelog entry.
>>
>> The vulnerability only seems to affect oldstable, but I noticed that none of
>> the versions remove the log file, so the permissions of the file need to be
>> fixed by all the other versions.
>
> Lowering the severity as in a typical use case this file does not carry
> sensitive information and is probably also not used in many scenarios where
> the DoS vector is of great relevance.
Ok, although it can still be (ab)used to fill the partition where the
log file is stored.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
More information about the Pkg-acpi-devel
mailing list