Lucene search

Gentoo FoundationGLSA-200601-01

HistoryJan 03, 2006 - 12:00 a.m.

pinentry: Local privilege escalation

2006-01-0300:00:00

Gentoo Foundation

security.gentoo.org

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:C/A:N

EPSS

Percentile

5.1%

JSON

Background

pinentry is a collection of simple PIN or passphrase entry dialogs which utilize the Assuan protocol.

Description

Tavis Ormandy of the Gentoo Linux Security Audit Team has discovered that the pinentry ebuild incorrectly sets the permissions of the pinentry binaries upon installation, so that the sgid bit is set making them execute with the privileges of group ID 0.

Impact

A user of pinentry could potentially read and overwrite files with a group ID of 0.

Workaround

There is no known workaround at this time.

Resolution

All pinentry users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose "&gt;=app-crypt/pinentry-0.7.2-r2"

OSVersionArchitecturePackageVersionFilename
Gentooanyallapp-crypt/pinentry< 0.7.2-r2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Gentoo	any	all	app-crypt/pinentry	< 0.7.2-r2	UNKNOWN

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:C/A:N

EPSS

Percentile

5.1%

JSON

Related for GLSA-200601-01