Package: verlihub
Severity: grave
Tags: security
Hi,

An exploit[0] has been published for verlihub:

> Verlihub does not sanitize user input passed to the shell via its
> "trigger" mechanism. Furthermore, the Verlihub daemon can optionally be
> configured to run as root. This allows for the arbitrary execution of
> commands by users connected to the hub and, in the case of the daemon
> running as root, complete commandeering of the machine.

Also:

src/ctrigger.cpp line 108:

    filename.append("/tmp/trigger.tmp");

A malicious user could prepare a /tmp/trigger.tmp file to cause serious data loss or compromise a system.

The author provides a fix.

If you fix the vulnerability please also make sure to include the CVE id (if available) in the changelog entry.

[0] http://milw0rm.com/exploits/7183

Giuseppe.
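For reference, the two hardening patterns that address this bug class (a fixed, predictable file under /tmp, and user input reaching a shell) are shown below as an added example; this is not verlihub's code or the fix mentioned in the report, and the function names and the TMPDIR handling are this example's own assumptions on a POSIX system.

```cpp
// Added example (not verlihub code): mitigations for the trigger bug class.
#include <cstdlib>
#include <string>
#include <vector>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

// 1. Never reuse a fixed path such as /tmp/trigger.tmp in a world-writable
//    directory. mkstemp() creates a fresh file with O_EXCL and mode 0600, so
//    a file or symlink planted in advance by another local user is not reused.
//    Returns the path (empty on failure); the caller owns the descriptor.
std::string make_private_tmpfile(int &fd_out) {
    const char *dir = std::getenv("TMPDIR");             // assumption: honour TMPDIR
    std::string tmpl = std::string(dir && *dir ? dir : "/tmp") + "/trigger.XXXXXX";
    std::vector<char> buf(tmpl.begin(), tmpl.end());
    buf.push_back('\0');
    fd_out = mkstemp(buf.data());
    if (fd_out < 0) return "";
    return std::string(buf.data());
}

// Check to run before writing to any pre-existing path: lstat() (not stat())
// so a planted symlink is seen as a symlink; reject files owned by someone
// else or accessible to group/other.
bool is_safe_private_file(const std::string &path) {
    struct stat st;
    if (lstat(path.c_str(), &st) != 0) return false;
    return S_ISREG(st.st_mode) && st.st_uid == geteuid() &&
           (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}

// 2. Run a trigger command without a shell: argv goes straight to execvp(),
//    so metacharacters in user-supplied arguments are data, never syntax.
//    Returns the child's exit status, or -1 on failure.
int exec_without_shell(const std::vector<std::string> &args) {
    if (args.empty()) return -1;
    std::vector<char *> argv;
    for (const auto &a : args) argv.push_back(const_cast<char *>(a.c_str()));
    argv.push_back(nullptr);
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { execvp(argv[0], argv.data()); _exit(127); }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
```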