Package: wicd-daemon
Version: 1.7.2.1-1
Severity: grave
Tags: upstream
Justification: renders package unusable

Hi there,

[tl;dr.  wicd 1.7.2 (upstream development revision 751) introduces
a fatal bug that invalidates many connection templates.]

I just upgraded my wicd installation (to Wheezy's 1.7.2) and witnessed
my wireless connection fail.  wicd's log file contains entries that read

    2012/04/19 13:10:22 :: Trying to set invalid property (or property not permitted): ca_cert.
    2012/04/19 13:10:22 :: Trying to set invalid property (or property not permitted): password.
    2012/04/19 13:10:22 :: Trying to set invalid property (or property not permitted): identity.

Those settings will accordingly not be reflected in
/etc/wicd/wireless-settings.conf or /var/lib/wicd/configurations/*.

I (quickly :) realized that the changes introduced in reaction to
CVE-2012-2095 were to blame.  So, without further ado, I'll point you
to the appropriate patch:

    http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/751/wicd/wicd-daemon.py

The properties that `self._validProperties` introduces are *nowhere
near* a complete representation of supported wpa_supplicant fields
(which it quite probably should!).  Just to be sure, I consulted
wpa_supplicant.conf(5) and found all of the "invalid properties" above
used in examples.

Finally, I applied the patch below to
/usr/share/wicd/daemon/wicd-daemon.py and could 'appily browse again
(thus the bug report :).

I suggest you get this to upstream's attention as quickly as possible
as quite a few of wicd's own templates are now invalid.  Hence the
elevated priority (I *do* hope I'm not wrong on this ... ).

Thanks!

Regards,
  Hagen Fuchs



Trivial proof-of-concept patch (diff -wu wicd-daemon.py*):

--- wicd-daemon.py      2012-04-19 15:35:52.023010442 +0200
+++ wicd-daemon.py.hfuchs       2012-04-19 15:55:04.830971520 +0200
@@ -1087,9 +1087,10 @@
         """ Sets property to value in network specified. """
         # We don't write script settings here.
         if prop.strip() not in self._validProperties:
-            print "Trying to set invalid property (or property not " \
-                  "permitted): "+ prop.strip() + "."
-            return False
+            print "I'll allow that - for now!  :)"
+            #print "Trying to set invalid property (or property not " \
+            #      "permitted): "+ prop.strip() + "."
+            #return False
         self.LastScan[netid][prop] = misc.to_unicode(misc.Noneify(value))

     @dbus.service.method('org.wicd.daemon.wireless')
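
Review bot: with `return False` commented out, the `if prop.strip() not in self._validProperties:` branch no longer rejects anything, so every property name falls through to `self.LastScan[netid][prop] = ...` and the allowlist that the report attributes to the CVE-2012-2095 fix is effectively disabled. As a local workaround that restores connectivity, but for a shippable fix keep the rejection and extend `self._validProperties` with the fields the templates actually use, starting with the three in the log above (`ca_cert`, `password`, `identity`). The replacement message also drops `prop.strip()`, so the log no longer says which property was outside the list; keep the property name in the output even if the call is allowed through.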


