Bernd Zeimetz
2010-May-31 15:27 UTC
[Secure-testing-team] Bug#583908: CVE-2010-0296: GNU Glibc mntent Newline Processing Error Lets Local Users Gain Elevated Privileges
Package: libc6
Version: 2.7-18lenny2
Severity: grave
Tags: security

Hi,

unfortunately it is not really easy to find proper information about this issue, especially since the same CVE number is mentioned in a Samba related bug (#572953). But as it seems it is possible to gain root access by injecting newlines into a mount entry or through a vulnerable helper.

The fix mentioned in http://securitytracker.com/alerts/2010/May/1024043.html is at least missing in stable, I did not check testing/unstable.

Ubuntu released a USN on the 25th which fixes this bug and two other CVEs: http://www.ubuntu.com/usn/usn-944-1

Cheers,

Bernd

--
Bernd Zeimetz Debian GNU/Linux Developer
http://bzed.de http://www.debian.org
GPG Fingerprints: 06C8 C9A2 EAAD E37E 5B2C BE93 067A AD04 C93B FF79 ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F
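Added example, not part of the original report and not glibc's code: a sketch of why a raw newline in a mount-entry field matters for a one-line-per-entry mount table, and how escaping the field keeps the entry on a single line. The helper names and sample values are hypothetical and constructed; the octal escapes are the convention documented in getmntent(3).

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: copy one field into out, replacing the characters that
   break the whitespace-separated, one-line entry format with octal escapes.
   Returns 0 on success, -1 if out is too small. */
int escape_mnt_field(const char *in, char *out, size_t outsz)
{
    size_t o = 0;
    if (outsz == 0)
        return -1;
    for (; *in != '\0'; ++in) {
        const char *esc = NULL;
        switch (*in) {
        case ' ':  esc = "\\040"; break;
        case '\t': esc = "\\011"; break;
        case '\n': esc = "\\012"; break;
        case '\\': esc = "\\134"; break;
        }
        size_t need = esc ? 4 : 1;
        if (o + need >= outsz)          /* always keep room for the NUL */
            return -1;
        if (esc) { memcpy(out + o, esc, 4); o += 4; }
        else     { out[o++] = *in; }
    }
    out[o] = '\0';
    return 0;
}

/* Build one entry line and return how many lines it occupies (-1 on error).
   With escape == 0 the fields are written raw, which is the unsafe case. */
int entry_line_count(const char *fsname, const char *dir, int escape)
{
    char f[256], d[256], line[600];
    if (escape) {
        if (escape_mnt_field(fsname, f, sizeof f) != 0 ||
            escape_mnt_field(dir, d, sizeof d) != 0)
            return -1;
    } else {
        snprintf(f, sizeof f, "%s", fsname);
        snprintf(d, sizeof d, "%s", dir);
    }
    snprintf(line, sizeof line, "%s %s ext3 rw 0 0\n", f, d);
    int n = 0;
    for (const char *p = line; *p != '\0'; ++p)
        n += (*p == '\n');
    return n;
}

int main(void)
{
    const char *dir = "/mnt/a\nsecond-line";   /* constructed sample input */
    printf("raw: %d line(s), escaped: %d line(s)\n",
           entry_line_count("/dev/sdb1", dir, 0),
           entry_line_count("/dev/sdb1", dir, 1));
    return 0;
}
```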