Bug 215807

Summary: CVE-2006-5925 elinks smb protocol arbitrary file access
Product: [Retired] Fedora Legacy Reporter: Jeff Sheltren <sheltren>
Component: elinksAssignee: Fedora Legacy Bugs <bugs>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecified   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=critical, LEGACY, 3, 4, publish-fc3, publish-fc4
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-03-14 21:14:07 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jeff Sheltren 2006-11-15 20:47:50 UTC 
An arbitrary file access flaw was found in the Elinks SMB protocol handler.
A malicious web page could have caused Elinks to read or write files with
the permissions of the user running Elinks. (CVE-2006-5925)

RH Announcement: https://rhn.redhat.com/errata/RHSA-2006-0742.html

Looks like this was "fixed" in RHEL4 by disabling SMB within elinks - any
objections to doing similar for FC3/FC4?
Comment 1 Jeff Sheltren 2006-11-16 01:09:48 UTC 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Since it turns out smb is disabled within elinks on
all RHEL versions, I think we should be safe to do the same.

I've created updated packages for FC3 and FC4 to fix this issue.
The FC3 package uses the patch from EL4.
For the FC4 package, I have simply added the "--disable-smb"
flag to the configure line in the spec.  This seems cleaner
to me than creating a new patch, especially since I know
very little about automake and autoconf :)

FC3:
http://www.cs.ucsb.edu/~jeff/legacy/elinks-0.9.2-2.2.legacy.src.rpm
6a55680e935e1a43f5dfd75bfd6a65bfebbdef03  elinks-0.9.2-2.2.legacy.src.rpm

FC4:
http://www.cs.ucsb.edu/~jeff/legacy/elinks-0.10.3-3.2.legacy.src.rpm
7af60eef166015d6fdeba755e1a879ac2cb52bd3  elinks-0.10.3-3.2.legacy.src.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)

iD8DBQFFW7ndKe7MLJjUbNMRAtszAJ9FuIi8kFAViEHk8cKxe2HRa6x2bQCfYNPp
bRu0QO/XRF8sAVQvlJQWqGc=
=xDxD
-----END PGP SIGNATURE-----
Comment 2 Karel Zak 2007-03-14 20:38:21 UTC 
Can we close this bug?
Comment 3 Jeff Sheltren 2007-03-14 21:14:07 UTC 
Sure.  Legacy is no longer providing security updates, so I don't see any reason
to keep this open.