PublicDateAtUSN: 2011-10-07
Candidate: CVE-2011-3602
PublicDate: 2014-04-27 21:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3602
 http://www.openwall.com/lists/oss-security/2011/10/06/3
 https://ubuntu.com/security/notices/USN-1257-1
Description:
 Directory traversal vulnerability in device-linux.c in the router
 advertisement daemon (radvd) before 1.8.2 allows local users to overwrite
 arbitrary files, and remote attackers to overwrite certain files, via a ..
 (dot dot) in an interface name.  NOTE: this can be leveraged with a symlink
 to overwrite arbitrary files.
Ubuntu-Description: 
Notes: 
 mdeslaur> upstream patch may be incorrect, see
 mdeslaur> http://www.openwall.com/lists/oss-security/2011/10/07/4
 mdeslaur> issue was actually fixed in 1.8.3 because of incorrect patch
Bugs: 
Priority: medium
Discovered-by: Vasiliy Kulikov
Assigned-to: mdeslaur
CVSS: 

Patches_radvd:
 upstream: https://github.com/reubenhwk/radvd/commit/92e22ca23e52066da2258df8c76a2dca8a428bcc
 upstream: https://github.com/reubenhwk/radvd/commit/7a1471b62da88373e8f4209d503307c5d841b81f (fix)
upstream_radvd: released (1.8.3)
hardy_radvd: ignored (reached end-of-life)
lucid_radvd: released (1:1.3-1.1ubuntu0.1)
maverick_radvd: released (1:1.6-1ubuntu0.1)
natty_radvd: released (1:1.7-1ubuntu0.1)
oneiric_radvd: released (1:1.8-1ubuntu0.1)
devel_radvd: not-affected (1:1.8-1.2)