Your message dated Wed, 11 Apr 2012 22:57:00 +0000
with message-id <e1si6te-00029f...@franck.debian.org>
and subject line Bug#668397: fixed in wicd 1.7.2-1
has caused the Debian Bug report #668397,
regarding wicd: Local privilege escalation
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
668397: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668397
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: wicd
Severity: critical
Tags: security
Justification: root security hole
It was discovered that wicd in any version supported by Debian (i.e. stable,
testing and unstable) yields to local privilege escalation by injecting
arbitrary code through the DBus interface due to incomplete input
sanitation.
I've briefly verified offending code against the Squeeze and Sid version
of the package but I didn't try to reproduce the steps to exploit wicd.
As far as I know there is no upstream fix available.
Details can be found on [1] or via Full Disclosure post [2].
[1] http://www.infosecinstitute.com/courses/ethical_hacking_training.html
[2] <00e301cd17f2$0b33efd0$219bcf70$@com> /
http://seclists.org/fulldisclosure/2012/Apr/123
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.11arno1 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Source: wicd
Source-Version: 1.7.2-1
We believe that the bug you reported is fixed in the latest version of
wicd, which is due to be installed in the Debian FTP archive:
python-wicd_1.7.2-1_all.deb
  to main/w/wicd/python-wicd_1.7.2-1_all.deb
wicd-cli_1.7.2-1_all.deb
  to main/w/wicd/wicd-cli_1.7.2-1_all.deb
wicd-curses_1.7.2-1_all.deb
  to main/w/wicd/wicd-curses_1.7.2-1_all.deb
wicd-daemon_1.7.2-1_all.deb
  to main/w/wicd/wicd-daemon_1.7.2-1_all.deb
wicd-gtk_1.7.2-1_all.deb
  to main/w/wicd/wicd-gtk_1.7.2-1_all.deb
wicd_1.7.2-1.debian.tar.gz
  to main/w/wicd/wicd_1.7.2-1.debian.tar.gz
wicd_1.7.2-1.dsc
  to main/w/wicd/wicd_1.7.2-1.dsc
wicd_1.7.2-1_all.deb
  to main/w/wicd/wicd_1.7.2-1_all.deb
wicd_1.7.2.orig.tar.gz
  to main/w/wicd/wicd_1.7.2.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 668...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
David Paleino <da...@debian.org> (supplier of updated wicd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 12 Apr 2012 00:03:06 +0200
Source: wicd
Binary: wicd wicd-daemon wicd-gtk wicd-curses wicd-cli python-wicd
Architecture: source all
Version: 1.7.2-1
Distribution: unstable
Urgency: low
Maintainer: David Paleino <da...@debian.org>
Changed-By: David Paleino <da...@debian.org>
Description:
 python-wicd - wired and wireless network manager - Python module
 wicd - wired and wireless network manager - metapackage
 wicd-cli - wired and wireless network manager - scriptable console client
 wicd-curses - wired and wireless network manager - Curses client
 wicd-daemon - wired and wireless network manager - daemon
 wicd-gtk - wired and wireless network manager - GTK+ client
Closes: 658785 668397
Changes:
 wicd (1.7.2-1) unstable; urgency=low
 .
   * New upstream version
     - fixed local privilege escalation, CVE-2012-2095 (Closes: #668397)
   * Added Indonesian debconf translation, thanks to Mahyuddin
     Susanto (Closes: #658785)
   * Fixed debian/watch to look packages from launchpad
   * Bump Standards-Version to 3.9.3, no changes needed
   * Updated debian/copyright
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAk+GAAEACgkQ5qqQFxOSsXRrQgCfaAcIRF3Ws3AqDbnWuKgEabr4
5rUAn2rciI2ZA18Fjz6CsZ4AVym94P4z
=DYZy
-----END PGP SIGNATURE-----
--- End Message ---