Hi,
A week ago, some buffer overflow conditions inside the ACL handling code
of vsecurity were fixed, more concretely in the *_read_file functions
used within the vsecfs (sysfs) code to read ACL parameters.
I apologize for the inconveniences of being away for a week and not
announcing it before.
These buffer overflow conditions were noticed at first time by Brad
Spengler and more later by Nguyen Anh Quynh (who contributed many TPE
related enhancements to the under-development 0.3 revision).
Subsequently, the TPE code at issue, based in the first work made by IBM
and more concretely, by Niki Rahimi, is also vulnerable, and if the user
base makes it worthy, it should be fixed ASAP.
No proof of concept code is available, at least in the public eye or
under my knowledge, nor I have intention to prepare any as it's already
fixed.
The changes can be found in the CVS, also it's worthy to say that
currently vsecurity is not prepared for the new API changes since
2.6.10, and this is on-going work for the 0.3 release (among many other
enhancements and changes).
http://cvs.tuxedo-es.org/cgi-bin/viewcvs.cgi/vsecurity/
Thanks for your attention,
Cheers.
--
Lorenzo Hern?ndez Garc?a-Hierro <[email protected]>
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]