Bug#408556: SECURITY: Incorrect MIME type detection can trick users into running arbitrary commands
Loïc Minier
lool at dooz.org
Fri Jan 26 20:05:42 CET 2007
Package: gnome-vfs2
Version: 2.14.2-4
Severity: serious
Tags: security
Hi,
This seems to be an old known problem / bug / vulnerability which is
described here:
<https://bugzilla.novell.com/show_bug.cgi?id=238503>
It affects GNOME but not Xfce and KDE which work with the same
shared-mime-info data. It seems the freedesktop.org XML database
provides "OR" type matching instead of "AND" type matching on the
a) extension and b) magic criteria found in the database (that is: it
is enough to match the magic of a desktop file to be considered one,
even if the extension is not .desktop).
Some interesting bits:
<http://lists.freedesktop.org/archives/xdg/2007-January/thread.html#9150>
This is a design issue with shared-mime-info, but should be worked
around in gnome-vfs2 (I think).
Bye,
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-686
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
--
Loïc Minier <lool at dooz.org>
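An added example (not code from the report, gnome-vfs2 or shared-mime-info) illustrating the matching difference the report describes: with a constructed two-entry database, a file whose leading bytes carry the desktop-entry magic is classified as application/x-desktop under "OR" matching regardless of its extension, while "AND" matching requires both the extension and the magic to agree before a file is treated as a desktop entry.

```python
# Toy MIME sniffer contrasting "OR" and "AND" matching of extension vs magic.
# MIME_DB is a constructed, minimal subset in the spirit of the
# shared-mime-info database; the real database is far larger.
MIME_DB = {
    # Types that define magic are listed first so they are tried first.
    "application/x-desktop": {
        "globs": [".desktop"],
        "magic": [b"[Desktop Entry]"],
    },
    "text/plain": {"globs": [".txt"], "magic": []},
}

DEFAULT_TYPE = "application/octet-stream"


def _glob_matches(name, mime):
    """True if the file name ends with one of the type's glob suffixes."""
    return any(name.lower().endswith(g) for g in MIME_DB[mime]["globs"])


def _magic_matches(data, mime):
    """True if the leading bytes match one of the type's magic prefixes."""
    return any(data.startswith(m) for m in MIME_DB[mime]["magic"])


def detect_mime(name, data, policy="or"):
    """Return the MIME type for a file name plus its leading bytes.

    policy="or":  a glob match OR a magic match is enough (the behaviour
                  the report describes: magic alone decides the type).
    policy="and": a type that defines magic must match BOTH its glob and
                  its magic; types without magic fall back to glob only.
    """
    for mime, spec in MIME_DB.items():
        glob_ok = _glob_matches(name, mime)
        magic_ok = _magic_matches(data, mime)
        if policy == "or" and (magic_ok or glob_ok):
            return mime
        if policy == "and":
            if spec["magic"] and glob_ok and magic_ok:
                return mime
            if not spec["magic"] and glob_ok:
                return mime
    return DEFAULT_TYPE


if __name__ == "__main__":
    # Constructed sample: desktop-entry magic under a .txt extension.
    sample = ("notes.txt", b"[Desktop Entry]\nName=example\n")
    print("or :", detect_mime(*sample, policy="or"))
    print("and:", detect_mime(*sample, policy="and"))
```

The mismatch case is the one the report calls out: under "OR" the .txt file is reported as a desktop entry, under "AND" it stays text/plain.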