adequate: CVE-2013-6409: privilege escalation via tty hijacking


Debian Bug report logs - #730691


Reported by: Jakub Wilk <jwilk@debian.org>

Date: Thu, 28 Nov 2013 09:57:01 UTC

Severity: serious

Tags: security

Found in version adequate/0.4

Fixed in version adequate/0.8.1

Done: Jakub Wilk <jwilk@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, jwilk@debian.org:
Bug#730691; Package adequate. (Thu, 28 Nov 2013 09:57:06 GMT)


Message #3 received at submit@bugs.debian.org:

From: Jakub Wilk <jwilk@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: adequate: privilege escalation via tty hijacking
Date: Thu, 28 Nov 2013 10:53:13 +0100
Package: adequate
Version: 0.4
Severity: serious
Tags: security
Justification: user security hole

If root uses the --user option, then the user can hijack the tty with the 
TIOCSTI ioctl.

This is similar to CVE-2005-4890.

-- 
Jakub Wilk



Added tag(s) pending. Request was from Jakub Wilk <jwilk@debian.org> to control@bugs.debian.org. (Thu, 28 Nov 2013 10:21:09 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Jakub Wilk <jwilk@debian.org>:
Bug#730691; Package adequate. (Fri, 29 Nov 2013 08:27:04 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Jakub Wilk <jwilk@debian.org>. (Fri, 29 Nov 2013 08:27:04 GMT)


Message #10 received at 730691@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Jakub Wilk <jwilk@debian.org>, 730691@bugs.debian.org
Subject: Re: Bug#730691: adequate: privilege escalation via tty hijacking
Date: Fri, 29 Nov 2013 09:25:29 +0100
Control: retitle -1 adequate: CVE-2013-6409: privilege escalation via tty hijacking

Hi Jakub,

On Thu, Nov 28, 2013 at 10:53:13AM +0100, Jakub Wilk wrote:
> Package: adequate
> Version: 0.4
> Severity: serious
> Tags: security
> Justification: user security hole
> 
> If root uses the --user option, then the user can hijack the tty
> with the TIOCSTI ioctl.
> 
> This is similar to CVE-2005-4890.

I have requested a CVE for this. CVE-2013-6409 was assigned for it.

Regards,
Salvatore



Changed Bug title to 'adequate: CVE-2013-6409: privilege escalation via tty hijacking' from 'adequate: privilege escalation via tty hijacking'. Request was from Salvatore Bonaccorso <carnil@debian.org> to 730691-submit@bugs.debian.org. (Fri, 29 Nov 2013 08:27:04 GMT)


Reply sent to Jakub Wilk <jwilk@debian.org>:
You have taken responsibility. (Fri, 29 Nov 2013 09:21:10 GMT)


Notification sent to Jakub Wilk <jwilk@debian.org>:
Bug acknowledged by developer. (Fri, 29 Nov 2013 09:21:10 GMT)


Message #17 received at 730691-close@bugs.debian.org:

From: Jakub Wilk <jwilk@debian.org>
To: 730691-close@bugs.debian.org
Subject: Bug#730691: fixed in adequate 0.8.1
Date: Fri, 29 Nov 2013 09:18:49 +0000
Source: adequate
Source-Version: 0.8.1

We believe that the bug you reported is fixed in the latest version of
adequate, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 730691@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jakub Wilk <jwilk@debian.org> (supplier of updated adequate package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)



Format: 1.8
Date: Thu, 28 Nov 2013 11:27:21 +0100
Source: adequate
Binary: adequate
Architecture: source all
Version: 0.8.1
Distribution: unstable
Urgency: medium
Maintainer: Jakub Wilk <jwilk@debian.org>
Changed-By: Jakub Wilk <jwilk@debian.org>
Description: 
 adequate   - Debian package quality testing tool
Closes: 730691
Changes: 
 adequate (0.8.1) unstable; urgency=medium
 .
   * Fix possible privilege escalation via tty hijacking (closes: #730691).
     + Switch users only when running ldd.
     + Run ldd with stdin redirected to /dev/null, and without controlling
       terminal when run with reduced privileges.
   * Bump standards version to 3.9.5 (no changes needed).



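The fix described in the changelog above (switch users only for the ldd helper, run it with stdin on /dev/null and without a controlling terminal) is shown here as an added C example; this is not adequate's own code, and `run_unprivileged` and its parameters are names chosen for the illustration. The child detaches with setsid() before dropping privileges, so a helper that runs as the less-privileged user has no tty to push TIOCSTI input into:

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <grp.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Run argv as uid/gid, detached from the controlling terminal and with
 * stdin redirected to /dev/null (hypothetical helper, not adequate's code).
 * Returns the child's exit status, or -1 if the parent could not run it. */
int run_unprivileged(char *const argv[], uid_t uid, gid_t gid)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* New session: the child has no controlling terminal at all, so it
         * cannot reach root's tty via TIOCSTI. After fork() the child is not
         * a process-group leader, so setsid() does not fail with EPERM. */
        if (setsid() < 0)
            _exit(127);
        /* stdin from /dev/null: the helper neither reads root's terminal
         * input nor inherits a descriptor that still refers to the tty. */
        int fd = open("/dev/null", O_RDONLY);
        if (fd < 0 || dup2(fd, STDIN_FILENO) < 0)
            _exit(127);
        if (fd != STDIN_FILENO)
            close(fd);
        /* Drop privileges in the right order: supplementary groups (only
         * root may clear them), then the primary gid, then the uid. */
        if (geteuid() == 0 && setgroups(0, NULL) < 0)
            _exit(127);
        if (setgid(gid) < 0 || setuid(uid) < 0)
            _exit(127);
        /* Refuse to continue if the drop could be reversed. */
        if (uid != 0 && setuid(0) == 0)
            _exit(127);
        execvp(argv[0], argv);
        _exit(127);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
```

Run as root with the target user's uid/gid this confines the helper the way the 0.8.1 changelog describes; run as an ordinary user with one's own ids it still demonstrates the tty detachment.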


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 02 Jan 2014 07:32:14 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 18:14:01 2019; Machine Name: buxtehude
