Bug 457939 (CVE-2008-3278)

Summary: CVE-2008-3278 frysk: insecure relative RPATH
Product: [Other] Security Response Reporter: Tomas Hoger <thoger>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: ebachalo
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-01-04 10:09:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Tomas Hoger 2008-08-05 16:27:07 UTC 
frysk packages as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of the multiple binaries shipped in the package.

This issue can possibly be exploited by a local attacker to run arbitrary code
as some other user if victim user can be convinced to run one of the affected frysk commands in an attacker controlled directory with specially crafted content.

Affected binaries: /usr/bin/f* (e.g. fcore, fcatch, fstack, fstep, ...)
RPATH: @RPATH@
Comment 1 Tomas Hoger 2008-08-05 16:32:16 UTC 
This issue does not affect current frysk-0.4-0 packages in Fedora.