Description
The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GST_PLUGIN_PATH.
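Added example, not taken from the Banshee scripts or from this advisory: a zero-length entry in a colon-separated search path such as LD_LIBRARY_PATH (or GST_PLUGIN_PATH) is read as the current working directory, and it commonly appears when a wrapper prepends a directory to a variable that is unset. The `DIR:$VAR` pattern shown as the unsafe form, the function names and the path `/opt/example/lib` are assumptions made for illustration.

```shell
#!/bin/sh
# Succeeds (returns 0) if a colon-separated search path holds a zero-length
# entry: a leading ':', a trailing ':' or '::' anywhere in the value.
has_empty_entry() {
    case "$1" in
        "")         return 1 ;;  # empty value: no entries at all
        :*|*:|*::*) return 0 ;;
        *)          return 1 ;;
    esac
}

# Unsafe pattern (assumed, not quoted from Banshee): when the existing value
# ($2) is empty, the result ends in ':' and so gains an empty entry.
unsafe_prepend() { printf '%s\n' "$1:$2"; }

# Hardened form: ${2:+:$2} emits the separator only if $2 is non-empty.
safe_prepend() { printf '%s\n' "$1${2:+:$2}"; }

# Drops every zero-length entry from an inherited value before it is reused.
# Runs in a subshell so the IFS and noglob changes do not leak to the caller.
strip_empty_entries() (
    IFS=:
    set -f
    out=
    for d in $1; do
        if [ -n "$d" ]; then out="${out:+$out:}$d"; fi
    done
    printf '%s\n' "$out"
)

# Constructed demonstration: the caller's variable is unset (empty).
inherited=""
for candidate in "$(unsafe_prepend /opt/example/lib "$inherited")" \
                 "$(safe_prepend /opt/example/lib "$inherited")"; do
    if has_empty_entry "$candidate"; then
        echo "empty entry (cwd is searched): '$candidate'"
    else
        echo "no empty entry: '$candidate'"
    fi
done
```

The same check can be run over packaged launcher scripts or a live process environment to flag values that would make the loader search the working directory.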
Affected products
- banshee-project / banshee 1.8.0
- banshee-project / banshee 0.13.2 – 0.13.2
- banshee-project / banshee 1.0 – 1.0
- banshee-project / banshee 1.2 – 1.2
- banshee-project / banshee 1.2.1 – 1.2.1
- banshee-project / banshee 1.4 – 1.4
- banshee-project / banshee 1.4.2 – 1.4.2
- banshee-project / banshee 1.4.3 – 1.4.3
- banshee-project / banshee 1.5.0 – 1.5.0
- banshee-project / banshee 1.5.1 – 1.5.1
- banshee-project / banshee 1.5.2 – 1.5.2
- banshee-project / banshee 1.5.3 – 1.5.3
- banshee-project / banshee 1.5.4 – 1.5.4
- banshee-project / banshee 1.5.5 – 1.5.5
- banshee-project / banshee 1.5.6 – 1.5.6
- banshee-project / banshee 1.6.0 – 1.6.0
- banshee-project / banshee 1.6.1 – 1.6.1
- banshee-project / banshee 1.7.0 – 1.7.0
- banshee-project / banshee 1.7.1 – 1.7.1
- banshee-project / banshee 1.7.2 – 1.7.2
- banshee-project / banshee 1.7.3 – 1.7.3
- banshee-project / banshee 1.7.4 – 1.7.4
- banshee-project / banshee 1.7.5 – 1.7.5
- banshee-project / banshee 1.7.6 – 1.7.6
References
- MAILING_LIST: http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050747.html
- MAILING_LIST: http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050756.html
- MISC: http://www.securityfocus.com/bid/44752
- MISC: https://bugzilla.redhat.com/show_bug.cgi?id=644554
- VENDOR_ADVISORY: http://secunia.com/advisories/42237
- VENDOR_ADVISORY: http://secunia.com/advisories/42234
- MISC: http://download.banshee.fm/banshee/unstable/1.9.0/banshee-1-1.9.0.news
- VENDOR_ADVISORY: http://www.vupen.com/english/advisories/2010/2964
- VENDOR_ADVISORY: http://www.mandriva.com/security/advisories?name=MDVSA-2011:034
- MAILING_LIST: http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050744.html