Bug 81521 (CVE-2005-1152) - VUL-0: CVE-2005-1152: file-races in qpopper
Summary: VUL-0: CVE-2005-1152: file-races in qpopper
Status: RESOLVED FIXED
Alias: CVE-2005-1152
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other All
: P5 - None : Normal
Target Milestone: ---
Assignee: Sebastian Krahmer
QA Contact: Security Team bot
URL:
Whiteboard: CVE-2005-1152: CVSS v2 Base Score: 2....
Keywords:
Depends on:
Blocks:
 
Reported: 2005-05-02 08:18 UTC by Sebastian Krahmer
Modified: 2021-11-10 14:47 UTC (History)
1 user (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
patch for CAN 2005-1151 (5.16 KB, patch)
2005-05-02 08:21 UTC, Sebastian Krahmer 		Details | Diff
patch for CAN2005-1152 (1.01 KB, patch)
2005-05-02 08:22 UTC, Sebastian Krahmer 		Details | Diff
patchinfo box (610 bytes, text/plain)
2005-05-02 10:46 UTC, Sebastian Krahmer 		Details
patchinfo maintained (523 bytes, text/plain)
2005-05-02 10:47 UTC, Sebastian Krahmer 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sebastian Krahmer 2005-05-02 08:18:50 UTC 
Date: Wed, 27 Apr 2005 16:07:21 +0200
From: Martin Schulze <joey@infodrom.org>
To: Free Software Distribution Vendors <vendor-sec@lst.de>
Subject: [vendor-sec] CAN-2005-1151/2: Problems in qpopper
Parts/Attachments:
   1.1 Shown    ~24 lines  Text
   1.2   OK    ~178 lines  Text
   1.3   OK     ~29 lines  Text
   2            196 bytes  Application, "Digital signature"
----------------------------------------

Two bugs have been discovered in qpopper, an enhanced Post Office
Protocol (POP3) server.  The Common Vulnerability and Exposures
project identifies the following problems:

CAN-2005-1151

    Jens Steube discovered that while processing local files owned or
    provided by a normal user privileges weren't dropped, which could
    lead to the overwriting or creation of arbitrary files as root.

CAN-2005-1152

    The upstream developers noticed that qpopper could be tricked to
    creating group- or world-writable files.

I'm attaching patches for both.

Regards,

       Joey
Comment 1 Sebastian Krahmer 2005-05-02 08:21:00 UTC 
Created attachment 36210 [details]
patch for CAN 2005-1151

...
Comment 2 Sebastian Krahmer 2005-05-02 08:22:10 UTC 
Created attachment 36211 [details]
patch for CAN2005-1152

...
Comment 3 Hendrik Vogelsang 2005-05-02 09:50:46 UTC 
you still want to have 8.2 packages now that 9.3 is out?
Comment 4 Ludwig Nussel 2005-05-02 10:01:58 UTC 
8.2 is not discontinued yet
Comment 5 Sebastian Krahmer 2005-05-02 10:02:49 UTC 
Is this issue a 8.2 issue only?
Comment 6 Hendrik Vogelsang 2005-05-02 10:07:53 UTC 
nope. i was just asking :)
Comment 7 Hendrik Vogelsang 2005-05-02 10:22:29 UTC 
submitted for STABLE, 8.2->9.3 and sles8, sles9
Comment 8 Sebastian Krahmer 2005-05-02 10:33:58 UTC 
SM-Tracker-1098
Comment 9 Sebastian Krahmer 2005-05-02 10:46:51 UTC 
Created attachment 36216 [details]
patchinfo box

...
Comment 10 Sebastian Krahmer 2005-05-02 10:47:24 UTC 
Created attachment 36217 [details]
patchinfo maintained

...
Comment 11 Sebastian Krahmer 2005-05-02 10:48:23 UTC 
Patchinfos submitted. Please tell suse-dist.
Comment 12 Hendrik Vogelsang 2005-05-03 08:16:05 UTC 
done
Comment 13 Ludwig Nussel 2005-05-17 14:27:59 UTC 
not public yet
Comment 14 Thomas Biege 2005-05-24 15:55:30 UTC 
packages released today
Comment 15 Thomas Biege 2005-05-24 15:58:13 UTC 
... so we are done
Comment 16 Thomas Biege 2009-10-13 21:20:45 UTC 
CVE-2005-1152: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)