Debian debian-goodies Command Execution Vulnerability - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

Debian debian-goodies Command Execution Vulnerability

Secunia Advisory:	SA26675
Release Date:	2007-09-06
Last Update:	2008-03-25

Critical:	Less critical
Impact:	Privilege escalation
Where:	Local system
Solution Status:	Vendor Patch

OS:	Debian GNU/Linux 3.1 Debian GNU/Linux 4.0 Debian GNU/Linux unstable alias sid


CVE reference:	CVE-2007-3912 (Secunia mirror)

	Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS!

Description: Thomas de Grenier de Latour has discovered a vulnerability in the debian-goodies package for Debian Linux, which can be exploited by malicious, local users to perform actions with escalated privileges. The vulnerability is caused due to an input validation error within the "checkrestart" script when reading the process list. This can be exploited to execute commands with "root" privileges by invoking a program with a specially crafted file name and an administrative user executes "checkrestart". The vulnerability is confirmed in version 0.27 included in Debian stable and reported in 0.33. Other versions may also be affected. Solution: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updat...ies/debian-goodies_0.23+sarge1.tar.gz Size/MD5 checksum: 11779 e0834e7e962fabc65362a60c73362585 http://security.debian.org/pool/updat...oodies/debian-goodies_0.23+sarge1.dsc Size/MD5 checksum: 819 37eb124fef7c9897ea41ec861ec740ff Architecture independent packages: http://security.debian.org/pool/updat...es/debian-goodies_0.23+sarge1_all.deb Size/MD5 checksum: 22488 c8bc8eab12c7e3f29e53f4172ee837a4 -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updat...goodies/debian-goodies_0.27+etch1.dsc Size/MD5 checksum: 836 8653d033f9e6b9f0949fab2cc1813970 http://security.debian.org/pool/updat...dies/debian-goodies_0.27+etch1.tar.gz Size/MD5 checksum: 28708 089ff8f154eb3fe4bc47dd85f1581a65 Architecture independent packages: http://security.debian.org/pool/updat...ies/debian-goodies_0.27+etch1_all.deb Size/MD5 checksum: 36868 2739973911e8b0d9ec12559507f6a708 -- Debian GNU/Linux unstable alias sid -- Fixed in version 0.34. Provided and/or discovered by: Thomas de Grenier de Latour Changelog: 2008-03-25: Updated "Solution" section. Added link to "Original Advisory" section. Original Advisory: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440411 http://www.debian.org/security/2008/dsa-1527



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

1239 Related Secunia Security Advisories, displaying 10

1. Debian update for sympa

2. Debian update for dbus

3. Debian update for libtk-img

4. Debian update for imlib2

5. Debian update for xorg-server

6. Debian update for mt-daapd

7. Debian update for typo3

8. Debian update for xorg-server

9. Debian update for tomcat5.5

10. Debian update for libvorbis

Show all related advisories

Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Mozilla Firefox Multiple Vulnerabilities

2.	Opera for Windows Unspecified Code Execution

3.	VLC Media Player WAV Processing Integer Overflow

4.	Mozilla Thunderbird Multiple Vulnerabilities

5.	PCRE pcre_compile.c Buffer Overflow Vulnerability

6.	GNOME Glib PCRE pcre_compile.c Buffer Overflow Vulnerability

7.	Fedora update for glib2

8.	FreeStyle Wiki Cross-Site Scripting Vulnerability

9.	UnixWare ReliantHA Privilege Escalation Vulnerabilities

10.	zlib Denial of Service Vulnerability