psub and funced don't protect tempfiles (CVE-2014-2906 and CVE-2014-3856) #1437

Closed
zanchey opened this Issue Apr 28, 2014 · 0 comments

zanchey commented Apr 28, 2014

psub and funced both create temporary files using reasonably predictable names and are vulnerable to a race condition.

For funced, the file is sourced directly, allowing privilege escalation (CVE-2014-3856).

For psub, the file is given as an argument to other programs, allowing incorrect input to these programs (CVE-2014-2906).

@zanchey zanchey closed this in 55bc416 Apr 28, 2014

@zanchey zanchey added this to the 2.1.1 milestone Apr 29, 2014

@zanchey zanchey self-assigned this Sep 1, 2014

@zanchey zanchey changed the title from psub and funced don't protect tempfiles (CVE-2014-2906) to psub and funced don't protect tempfiles (CVE-2014-2906 and CVE-2014-3856) Sep 26, 2014
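
The race described in the issue, shown as an added example (not fish's code and not the change in 55bc416): a check-then-create helper with a PID-based name, beside two hardened forms. The function names, the `example.` prefix and the scratch directory are hypothetical.

```shell
#!/bin/sh
# Added illustration; function names and the file prefix are hypothetical.

# Weak pattern: name built from the PID, existence tested, then created.
# The PID is visible to every local user, and the test and the create are
# two separate steps, so another user can place a file or symlink at the
# path in between; the redirect then writes to whatever is there.
weak_tmpfile() {
    f="$1/example.$$"
    [ -e "$f" ] && return 1      # check ...
    : > "$f" || return 1         # ... then create (not atomic)
    printf '%s\n' "$f"
}

# Hardened: mktemp chooses an unpredictable name and creates the file in
# one exclusive step (O_CREAT|O_EXCL) with mode 0600.
safe_tmpfile() {
    mktemp "$1/example.XXXXXXXXXX"
}

# Hardened, when a fixed name is unavoidable: noclobber (set -C) makes the
# redirect refuse an existing regular file (also when reached through a
# symlink) and create a missing path with O_EXCL, so a planted file or a
# dangling symlink is not written through. The subshell keeps the option
# from leaking into the caller.
exclusive_create() {
    ( set -C; : > "$1" ) 2>/dev/null
}

# Private scratch directory for trying the functions (constructed path).
demo_dir() {
    mktemp -d "${TMPDIR:-/tmp}/tmpdemo.XXXXXXXXXX"
}
```
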