Bug 215807 - CVE-2006-5925 elinks smb protocol arbitrary file access
Status: CLOSED WONTFIX
Product: Fedora Legacy
Classification: Retired
Component: elinks
unspecified
All Linux
medium Severity medium
Assigned To: Fedora Legacy Bugs
impact=critical, LEGACY, 3, 4, publis...
Reported: 2006-11-15 15:47 EST by Jeff Sheltren
Modified: 2008-08-02 19:40 EDT
Doc Type: Bug Fix
Last Closed: 2007-03-14 17:14:07 EDT
Description Jeff Sheltren 2006-11-15 15:47:50 EST
An arbitrary file access flaw was found in the Elinks SMB protocol handler.
A malicious web page could have caused Elinks to read or write files with
the permissions of the user running Elinks. (CVE-2006-5925)

RH Announcement: https://rhn.redhat.com/errata/RHSA-2006-0742.html

Looks like this was "fixed" in RHEL4 by disabling SMB within elinks - any
objections to doing similar for FC3/FC4?
Comment 1 Jeff Sheltren 2006-11-15 20:09:48 EST
Since it turns out smb is disabled within elinks on
all RHEL versions, I think we should be safe to do the same.

I've created updated packages for FC3 and FC4 to fix this issue.
The FC3 package uses the patch from EL4.
For the FC4 package, I have simply added the "--disable-smb"
flag to the configure line in the spec.  This seems cleaner
to me than creating a new patch, especially since I know
very little about automake and autoconf :)

FC3:
http://www.cs.ucsb.edu/~jeff/legacy/elinks-0.9.2-2.2.legacy.src.rpm
6a55680e935e1a43f5dfd75bfd6a65bfebbdef03  elinks-0.9.2-2.2.legacy.src.rpm

FC4:
http://www.cs.ucsb.edu/~jeff/legacy/elinks-0.10.3-3.2.legacy.src.rpm
7af60eef166015d6fdeba755e1a879ac2cb52bd3  elinks-0.10.3-3.2.legacy.src.rpm
Comment 2 Karel Zak 2007-03-14 16:38:21 EDT
Can we close this bug?
Comment 3 Jeff Sheltren 2007-03-14 17:14:07 EDT
Sure.  Legacy is no longer providing security updates, so I don't see any reason
to keep this open.
