Bug 177682 - Untrusted search path vulnerability (CVE-2008-4865)
Summary: Untrusted search path vulnerability (CVE-2008-4865)
Status: RESOLVED FIXED
Alias: None
Product: valgrind
Classification: Developer tools
Component: general (show other bugs)
Version: 3.3 SVN
Platform: Gentoo Packages Linux
: NOR normal
Target Milestone: ---
Assignee: Julian Seward
URL: http://cve.mitre.org/cgi-bin/cvename....
Keywords:
Depends on:
Blocks:
 
Reported: 2008-12-13 14:50 UTC by Maurice van der Pot
Modified: 2008-12-23 16:53 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Patch to fix vulnerability (1.99 KB, patch)
2008-12-13 14:50 UTC, Maurice van der Pot 		Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Maurice van der Pot 2008-12-13 14:50:39 UTC 
Created attachment 29294 [details]
Patch to fix vulnerability

CVE-2008-4865 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4865):
  Untrusted search path vulnerability in valgrind allows local users to
  execute arbitrary programs via a Trojan horse .valgrindrc file in the
  current working directory, as demonstrated using a malicious
  --db-command options.  NOTE: the severity of this issue has been
  disputed, but CVE is including this issue because execution of a
  program from an untrusted directory is a common scenario.

See also http://bugs.gentoo.org/show_bug.cgi?id=245317

Attached is an updated (wrt the above report) patch that applies to current SVN HEAD.
Comment 1 Julian Seward 2008-12-23 16:53:37 UTC 
I believe this was fixed in r8798.