Your message dated Mon, 30 Apr 2012 19:50:31 +0000
with message-id <e1sowcb-0002do...@franck.debian.org>
and subject line Bug#668397: fixed in wicd 1.7.2.4-1
has caused the Debian Bug report #668397,
regarding wicd: Local privilege escalation
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
668397: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668397
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: wicd
Severity: critical
Tags: security
Justification: root security hole
It was discovered that wicd, in any version supported by Debian (i.e. stable,
testing and unstable), allows local privilege escalation by injecting
arbitrary code through the DBus interface due to incomplete input
sanitization.
I've briefly verified the offending code against the Squeeze and Sid versions
of the package, but I didn't try to reproduce the steps to exploit wicd.
As far as I know there is no upstream fix available.
Details can be found at [1] or via the Full Disclosure post [2].
[1] http://www.infosecinstitute.com/courses/ethical_hacking_training.html
[2] <00e301cd17f2$0b33efd0$219bcf70$@com> /
http://seclists.org/fulldisclosure/2012/Apr/123
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.11arno1 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Source: wicd
Source-Version: 1.7.2.4-1
We believe that the bug you reported is fixed in the latest version of
wicd, which is due to be installed in the Debian FTP archive:
python-wicd_1.7.2.4-1_all.deb
to main/w/wicd/python-wicd_1.7.2.4-1_all.deb
wicd-cli_1.7.2.4-1_all.deb
to main/w/wicd/wicd-cli_1.7.2.4-1_all.deb
wicd-curses_1.7.2.4-1_all.deb
to main/w/wicd/wicd-curses_1.7.2.4-1_all.deb
wicd-daemon_1.7.2.4-1_all.deb
to main/w/wicd/wicd-daemon_1.7.2.4-1_all.deb
wicd-gtk_1.7.2.4-1_all.deb
to main/w/wicd/wicd-gtk_1.7.2.4-1_all.deb
wicd_1.7.2.4-1.debian.tar.gz
to main/w/wicd/wicd_1.7.2.4-1.debian.tar.gz
wicd_1.7.2.4-1.dsc
to main/w/wicd/wicd_1.7.2.4-1.dsc
wicd_1.7.2.4-1_all.deb
to main/w/wicd/wicd_1.7.2.4-1_all.deb
wicd_1.7.2.4.orig.tar.gz
to main/w/wicd/wicd_1.7.2.4.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 668...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
David Paleino <da...@debian.org> (supplier of updated wicd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 30 Apr 2012 21:32:55 +0200
Source: wicd
Binary: wicd wicd-daemon wicd-gtk wicd-curses wicd-cli python-wicd
Architecture: source all
Version: 1.7.2.4-1
Distribution: unstable
Urgency: high
Maintainer: David Paleino <da...@debian.org>
Changed-By: David Paleino <da...@debian.org>
Description:
python-wicd - wired and wireless network manager - Python module
wicd - wired and wireless network manager - metapackage
wicd-cli - wired and wireless network manager - scriptable console client
wicd-curses - wired and wireless network manager - Curses client
wicd-daemon - wired and wireless network manager - daemon
wicd-gtk - wired and wireless network manager - GTK+ client
Closes: 668397
Changes:
wicd (1.7.2.4-1) unstable; urgency=high
.
* New upstream version
- really fix local privilege escalation, CVE-2012-2095 (Closes: #668397)
* Fixed typo in previous changelog entry
Checksums-Sha1:
Checksums-Sha256:
Files:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAk+e6mMACgkQ5qqQFxOSsXQNGQCfQfBJLnB2Y1M6H1LT5LzEGjyx
B0cAnjDVluMPAfFpVT7tC6RxcBYZYVTW
=39+T
-----END PGP SIGNATURE-----
--- End Message ---