Bug 215734 - CVE-2006-5925 elinks smb protocol arbitrary file access
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: elinks
Version: 5
Hardware: All
OS: Linux
medium
urgent
Target Milestone: ---
Assignee: Karel Zak
QA Contact:
URL:
Whiteboard: impact=critical,source=fulldisclosure...
Depends On:
Blocks:
Reported: 2006-11-15 14:42 UTC by Josh Bressers
Modified: 2007-11-30 22:11 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-03-14 20:35:30 UTC
Type: ---
Embargoed:



Description Josh Bressers 2006-11-15 14:42:02 UTC
+++ This bug was initially created as a clone of Bug #215731 +++

A flaw has been found in the way elinks parses smb:// protocol URLs:
http://marc.theaimsgroup.com/?l=full-disclosure&m=116355556512780&w=2

This flaw could allow a remote web page to read and write arbitrary files with
the permissions of the user running elinks.

Comment 1 Karel Zak 2006-11-21 00:42:16 UTC
The --disable-smb option has been added to the FC5 and FC6 spec files (... although
this bug doesn't have an impact on packages which were compiled in build roots where
smbclient is not present, e.g. mock build roots).

Comment 2 Fedora Update System 2006-11-21 21:24:36 UTC
elinks-0.11.0-2.4 has been pushed for fc5, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.

Comment 3 Fedora Update System 2006-11-21 21:24:53 UTC
elinks-0.11.1-5.1 has been pushed for fc6, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.

