Bug 177682 - Untrusted search path vulnerability (CVE-2008-4865)
Status: RESOLVED FIXED
Alias: None
Product: valgrind
Classification: Developer tools
Component: general
Version: 3.3 SVN
Platform: Gentoo Packages Linux
Importance: NOR normal
Target Milestone: ---
Assignee: Julian Seward
URL: http://cve.mitre.org/cgi-bin/cvename....
 
Reported: 2008-12-13 14:50 UTC by Maurice van der Pot
Modified: 2008-12-23 16:53 UTC


Attachments
Patch to fix vulnerability (1.99 KB, patch)
2008-12-13 14:50 UTC, Maurice van der Pot

Description Maurice van der Pot 2008-12-13 14:50:39 UTC
Created attachment 29294
Patch to fix vulnerability

CVE-2008-4865 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4865):
  Untrusted search path vulnerability in valgrind allows local users to
  execute arbitrary programs via a Trojan horse .valgrindrc file in the
  current working directory, as demonstrated using a malicious
  --db-command options.  NOTE: the severity of this issue has been
  disputed, but CVE is including this issue because execution of a
  program from an untrusted directory is a common scenario.

See also http://bugs.gentoo.org/show_bug.cgi?id=245317

Attached is an updated (wrt the above report) patch that applies to current SVN HEAD.
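
The class of check that closes this kind of hole, as an added example that is not part of the report, the attached patch, or valgrind's source: before parsing a configuration file found in the current working directory, open it and refuse it unless it is a regular file owned by the invoking user and not writable by anyone else. The function name `rc_open_trusted`, the `rc_verdict` values and the policy itself are assumptions made for illustration.

```c
/* Added example, not valgrind's code. rc_open_trusted() and rc_verdict
 * are hypothetical names; the trust policy is an assumption. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

enum rc_verdict {
    RC_OK = 0,
    RC_UNAVAILABLE,          /* absent, unreadable, or a symlink */
    RC_NOT_REGULAR,          /* directory, FIFO, device, ... */
    RC_WRONG_OWNER,          /* owned by a different local user */
    RC_WRITABLE_BY_OTHERS    /* group- or world-writable */
};

/* Open without following a final symlink, then fstat() the opened object
 * so it cannot be swapped between check and use. On RC_OK, *fd_out is set. */
enum rc_verdict rc_open_trusted(const char *path, int *fd_out)
{
    struct stat st;
    enum rc_verdict v = RC_OK;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    *fd_out = -1;
    if (fd < 0)
        return RC_UNAVAILABLE;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode))
        v = RC_NOT_REGULAR;
    else if (st.st_uid != geteuid())
        v = RC_WRONG_OWNER;
    else if (st.st_mode & (S_IWGRP | S_IWOTH))
        v = RC_WRITABLE_BY_OTHERS;
    if (v != RC_OK) {
        close(fd);
        return v;
    }
    *fd_out = fd;
    return RC_OK;
}

int main(void)
{
    int fd;
    printf("./.valgrindrc verdict: %d\n", (int)rc_open_trusted("./.valgrindrc", &fd));
    if (fd >= 0)
        close(fd);
    return 0;
}
```

The caller parses options from the returned descriptor rather than reopening the path, so the file that was checked is the file that is read.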
Comment 1 Julian Seward 2008-12-23 16:53:37 UTC
I believe this was fixed in r8798.