Date: Thu, 26 Jan 2006 12:30:07 GMT From: "Simon L. Nielsen" <simon@FreeBSD.org> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/92359: [MAINTAINER] net-im/kpopup: FORBIDDEN (local root exploit); contains the VuXML entry Message-ID: <200601261230.k0QCU7mR001373@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/92359; it has been noted by GNATS. From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Ion-Mihai IOnut Tetcu <itetcu@people.tecnik93.com> Cc: FreeBSD gnats submit <FreeBSD-gnats-submit@FreeBSD.org> Subject: Re: ports/92359: [MAINTAINER] net-im/kpopup: FORBIDDEN (local root exploit); contains the VuXML entry Date: Thu, 26 Jan 2006 13:22:42 +0100 --QRj9sO5tAVLaXnSD Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2006.01.26 13:46:56 +0200, Ion-Mihai IOnut Tetcu wrote: Thanks, a few comments for the VuXML part (I can't commit it untill tonight) > --- vuln.xml.cvs Thu Jan 26 11:40:13 2006 > +++ vuln.xml Thu Jan 26 12:44:27 2006 > @@ -34,6 +34,43 @@ > =20 > --> > <vuxml xmlns=3D"http://www.vuxml.org/apps/vuxml-1">; > + <vuln vid=3D"1613db79-8e52-11da-8426-000fea0a9611"> > + <topic> kpopup -- local root exploit and local denial of service</to= pic> ^ shouldn't be space here. > + <affects> > + <package> > + <name>kpopup</name> > + <range><ge>0.9.1</ge><le>0.9.5</le></range> > + </package> > + </affects> > + <description> > + <body xmlns=3D"http://www.w3.org/1999/xhtml">; > + <p>Mitre CVE reports:</p> > + <blockquote cite=3D"http://www.cve.mitre.org/cgi-bin/cvename.cgi?name= =3DCVE-2003-1170"> When using a blockquote the content must be exactly the text from the source, CVE in this case. Minor typo or spelling fixes are OK, but only minor things. It's fine to use multiple blockquotes in the same VuXML entry, the leading text for each blockquote should just make it clear where the quote is from. For text you have written (e.g. the last credit line) simply put it at the "outer layer", I.E. not in a block quote. The reason that I generally prefer block quotes for the main description is simple that it's faster to "steal" somebody elses description (with credit of cause), than phrasing the issue myself. That said I sometimes end up writing it myself if I feel the other source texts I can find aren't very good. Since I'm blabbering on anyway, I might as well point you at my page with VuXML notes http://simon.nitro.dk/vuxml.html . Some day that will be added to the Porters Handbook.. some day :-). > + <p>Format string vulnerability in main.cpp in kpopup 0.9.1-0.9.5pre2 > + allows local users to cause a denial of service (segmentation = fault) > + and possibly execute arbitrary code via format string specifie= rs in > + command line arguments. > + misc.cpp in KPopup 0.9.1 trusts the PATH variable when executi= ng killall, > + which allows local users to elevate their privileges by modify= ing the > + PATH variable to reference a malicious killall program. > + SecurityFocus credits "b0f" b0fnet@yahoo.com</p> > + </blockquote> > + </body> > + </description> > + <references> > + <cvename>CVE-2003-1170</cvename> > + <bid>8918</bid> > + <cvename>CVE-2003-1167</cvename> > + <bid>8915</bid> > + <url>http://www.securityfocus.com/archive/1/342736</url>; > + <url>http://www.henschelsoft.de/kpopup_en.html</url>; I generally sort plain alphabetically, but that's not very important. > + </references> > + <dates> > + <discovery>2003-10-28</discovery> > + <entry>2006-01-26</entry> > + </dates> > + </vuln> > + > <vuln vid=3D"57a0242d-8c4e-11da-8ddf-000ae42e9b93"> > <topic>sge -- local root exploit in bundled rsh executable</topic> > <affects> > --- vuln.xml.diff ends here --- --=20 Simon L. Nielsen --QRj9sO5tAVLaXnSD Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFD2L8Rh9pcDSc1mlERAlGTAJ9Xc7PepuCnaw2Bpc3fdtKgVduzHwCeMnAK H68UqKpEkvY3j/OlFVolOtY= =0jOP -----END PGP SIGNATURE----- --QRj9sO5tAVLaXnSD--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200601261230.k0QCU7mR001373>