author | brooks <brooks@FreeBSD.org> | 2006-08-16 05:09:15 +0800 |
---|---|---|
committer | brooks <brooks@FreeBSD.org> | 2006-08-16 05:09:15 +0800 |
commit | 507e95fefc49e5c116470d3deee55dc56a698517 (patch) | |
tree | d702b126981491e774e0e30532f1a0d206097124 /security | |
parent | 7ca9d0f9b3f8b2ac28a3b9197ca9183efb79d66b (diff) | |
Add entry for globus tmpfile creation bugs.
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 53299cfc16d7..1f8e045d58d6 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml 
@@ -34,6 +34,48 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="5039ae61-2c9f-11db-8401-000ae42e9b93"> + <topic>globus -- Multiple tmpfile races</topic> + <affects> + <package> + <name>globus</name> + <range><lt>4.0.2_20060706</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The Globus Alliance reports:</p> + <blockquote cite="http://www.globus.org/mail_archive/security-announce/2006/08/msg00000.html"> + <p>The proxy generation tool (grid-proxy-init) creates the + file, secures the file to provide access only to owner and + writes proxy to the file. A race condition exists between + the opening of the proxy credentials file, and making sure + it is safe file to write to. The checks to ensure this + file is accessible only to the owner take place using the + filename after the file is opened for writing, but before + any data is written.</p> + </blockquote> + <blockquote cite="http://www.globus.org/mail_archive/security-announce/2006/08/msg00001.html"> + <p>Various components of the toolkit use files in shared + directories to store information, some being sensitive + information. For example, the tool to create proxy + certificates, stores the generated proxy certificate by + default in /tmp. Specific vulnerabilities in handling such + files were reported in myproxy-admin-adduser, grid-ca-sign + and grid-security-config.</p> + </blockquote> + </body> + </description> + <references> + <url>http://www.globus.org/mail_archive/security-announce/2006/08/msg00000.html</url> + <url>http://www.globus.org/mail_archive/security-announce/2006/08/msg00001.html</url> + </references> + <dates> + <discovery>2006-08-08</discovery> + <entry>2006-08-15</entry> + </dates> + </vuln> + <vuln vid="9dda3ff1-2b02-11db-a6e2-000e0c2e438a"> <topic>x11vnc -- authentication bypass vulnerability</topic> <affects> |
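Review bot: The new entry's topic, <topic>globus -- Multiple tmpfile races</topic>, capitalises the word after the dashes, while the x11vnc entry in the trailing context uses lower case ("x11vnc -- authentication bypass vulnerability"); suggest "globus -- multiple tmpfile races" to match. In <references>, only the two advisory URLs are listed; if CVE names have been assigned to these issues, add <cvename> elements so the entry can be found by CVE. The second blockquote names myproxy-admin-adduser, grid-ca-sign and grid-security-config, but <affects> lists only the globus package, so please confirm that all three tools are installed by that port and that the <lt>4.0.2_20060706</lt> bound matches the version string of the first fixed package.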