mailing list archives
Security issue in hammerhead
From: Jamie Strandboge <jamie () canonical com>
Date: Fri, 26 Aug 2011 15:14:33 -0500
A security bug was reported against hammerhead in Ubuntu. You are being
emailed as the upstream contact. Please keep
oss-security () lists openwall com CC'd for any updates on this issue.
This issue should be considered public and has not yet been assigned a CVE.
Details from the public bug follow:
From the reporter:
"hammerhead blindly writes to to /tmp/hammer.log without prior checks.
It is possible to put a symbolic link at /tmp/hammer.log pointing at
another file - that hammerhead will then end up appending data into.
(it appears that hammerhead uses the file location as specified
in /etc/hammerhead/hh.conf - which in debian/ubuntu
A quick check shows that HH_LOG and REPORT_LOG are indeed being
unconditionally opened with 'fopen(..., "a+")' in src/hammerhead.cc.
Thanks in advance for your cooperation in coordinating a fix for this
 oss-security () lists openwall com is a public mailing list for
people to collaborate on security vulnerabilities and coordinate
PS - I couldn't find a security contact for hammerhead, so emailed to
those I could find in AUTHORS.
Jamie Strandboge | http://www.canonical.com
Description: This is a digitally signed message part
- Security issue in hammerhead Jamie Strandboge (Aug 26)