[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: mono loading shared libs from cwd
From:       Josh Bressers <bressers () redhat ! com>
Date:       2010-11-10 19:40:00
Message-ID: 1300562402.574981289418000790.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]

Please use CVE-2010-4159

Thanks.

-- 
    JB


----- "Thomas Biege" <thomas@suse.de> wrote:

> missed to add:
> http://lists.ximian.com/pipermail/mono-patches/2010-October/177900.html
> 
> Am Mittwoch 10 November 2010 15:18:26 schrieb Thomas Biege:
> > Hello folks,
> > 
> > from our bugzilla.
> > 
> > "
> > http://www.mono-project.com/DllNotFoundException explains that the
> mono
> > runtime
> > searches the current working directory for DLLs.  This opens a
> serious
> > security
> > hole.  Malicious code can be given the same name as a DLL and left
> in a
> > directory the user might visit.  Also, it means that no mono
> application
> >  can safely set the current working directory.
> > 
> > Microsoft themselves addressed this issue in Windows
> > http://msdn.microsoft.com/en-us/library/ms682586(v=VS.85).aspx
> > 
> > It's a well known "dummies" question for Unix why you must not have
> "." on
> > your
> > path
> >
> http://www.unix.com/unix-dummies-questions-answers/22806-why-bad-idea-inser
> > t- dot-path.html
> > 
> > Mono is exposing users to these same old hat problems.
> > 
> > (As a related problem, many mono programs seem to *assume* that they
> will
> >  be run with the CWD set to their installed directory, and break if
> it
> >  isn't.) "
> > 
> > Filed by Richard Brooksby.
> > 
> 
> -- 
>  Thomas Biege <thomas@suse.de>, SUSE LINUX, Security Support &
> Auditing
>  SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
> --
>   Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
>                             -- Marie von Ebner-Eschenbach
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic