oss-sec mailing list archives

CVE Request: Gambas Directory hijack vulnerability


From: Salvatore Bonaccorso <carnil () debian org>
Date: Fri, 1 Mar 2013 22:53:08 +0100

Hi Kurt

It was found that Gambas is vulnerable to a (temporary files) directory
hijack vulnerability. Here are two references:

 http://seclists.org/fulldisclosure/2013/Feb/116 (fulldisclosure)
 http://code.google.com/p/gambas/issues/detail?id=365 (upstream bugtracker)

Upstream also mentioned the following in their changelog for 3.4.0
release:

* BUG: Ensure that the interpreter temporary directory is owned by the
  current user and that its rights are accurate. Otherwise abort.
* BUG: When creating the process temporary directory, check the permissions
  of both the top directory (gambas.) and the process directory
  inside.

 http://gambasdoc.org/help/doc/release/3.4.0?view

Upstream fixes done via #5438 and #5464:

 http://sourceforge.net/p/gambas/code/5438/
 http://sourceforge.net/p/gambas/code/5464/

Can a CVE be assigned to this?

Regards,
Salvatore
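
The two changelog entries quoted in the message above describe an ownership and permission check on the top temporary directory and on the process directory inside it. The following is an added illustration of that kind of check, not code from Gambas or from the original post; the function names and the `<base>/demoapp.<uid>/<pid>` layout are assumptions made for the example.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create `path` with mode 0700 if it is missing, then verify that it is a
 * real directory (not a symlink), owned by the current user, and has no
 * group/other permission bits. Returns 0 if safe to use, -1 otherwise. */
int ensure_private_dir(const char *path)
{
    struct stat st;

    if (mkdir(path, 0700) != 0 && errno != EEXIST)
        return -1;
    /* lstat, not stat: a symlink planted by another user is not followed */
    if (lstat(path, &st) != 0 || !S_ISDIR(st.st_mode))
        return -1;
    if (st.st_uid != geteuid())
        return -1;              /* pre-created by someone else */
    if (st.st_mode & (S_IRWXG | S_IRWXO))
        return -1;              /* readable or writable by others */
    return 0;
}

/* Check the per-user top directory first, then the per-process directory
 * inside it. The <base>/demoapp.<uid>/<pid> layout is an assumption. */
int make_process_tmpdir(const char *base, char *out, size_t outlen)
{
    char top[512];
    int n = snprintf(top, sizeof top, "%s/demoapp.%ld", base, (long)geteuid());
    if (n < 0 || (size_t)n >= sizeof top || ensure_private_dir(top) != 0)
        return -1;
    n = snprintf(out, outlen, "%s/%ld", top, (long)getpid());
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return ensure_private_dir(out);
}

int main(void)
{
    char dir[600];
    if (make_process_tmpdir("/tmp", dir, sizeof dir) != 0) {
        fprintf(stderr, "temporary directory is not safe, aborting\n");
        return 1;
    }
    printf("using %s\n", dir);
    return 0;
}
```

Checking the top directory before the process directory matters because a top directory owned by another user lets that user replace anything created beneath it.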

