oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: sblim-sfcb: insecure LD_LIBRARY_PATH usage

From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 06 Jul 2012 15:42:31 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/06/2012 03:41 PM, Kurt Seifried wrote:

Originally found at: 
https://bugzilla.novell.com/show_bug.cgi?id=770234

Marcus Meissner 2012-07-06 12:18:54 UTC

found by grep.

/etc/init.d/sfcb uses:

LD_LIBRARY_PATH=/usr/lib:$LD_LIBRARY_PATH

which is insecure if LD_LIBRARY_PATH is empty. It makes binaries
use libraries from the current directory, which is a problem if
e.g. a administrator starts the sfcb service from a untrusted
directory.

Also it uses it to set /usr/lib, a default path.

Just get rid of the whole if ... as it is useless.

This is now filed in Red Hat: 
https://bugzilla.redhat.com/show_bug.cgi?id=838160


Please use CVE-2012-3381 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJP91vGAAoJEBYNRVNeJnmT5pQP/itPwd/YT5ea2oo/n4BbfYxC
q0Vz2bsa3GpLCbv+4nx4rDFDxnThH1AJXCnYjorK1ssyAG7TfKG9sffABeWGw9dL
ZQNzhfeK7fx/lIRrG8Mb7iU5BsgulA9uv9gr32rXFTZMOLcs2v/CKyo98LaxDFx1
aeP65r2mbn8uyrdXj3iZTcxk8EDCtLlfXsU8xhCc9l9c1Lqtgh2uTPa9kV0XZf0n
8MigcvzUjKdxWAvScjSGDnm4X/7UIUQdN5IDgcZKhRJ4UkEmrl1fSTEYOg0p8av3
rxANTXe7FfyLCJRM8yYjDIzFf0bi5t8VitotS/SrCI7cSumbbLl1lZcclxqRLvdv
lbKsFRvbqgcle8rXsDGkCBq4M3dVFiqIZyhh3JSIOmkaGHJ1wRM+m93Q2aubFRU/
3Rz7aYTTepkSyGaQh9quD2psvPo1y//TBf/1pcNs9CTvlITH4iayjZpbwaCZDNSQ
/MWUXiJvsKzev1vCm4AwYmToxj4ZM1H4TQlCF1nFz2XklwbC3R8ta9blTzRYOfBr
pY7GMFmkDNaVy53+26UeIuJaLyrk0rfomi5oqJI2kGaDulWVcpnOAi3xo2V9ziVb
tZam8L4k97utFw27VMhJKD+0PkrDTdGu/wMZFxUBwpRK/77AWZy+SKDTbceIJ+tY
31zanQNxf+GTo3Isbt/P
=NOGk
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: