Login
Newsletter
Werbung

Sicherheit: Probleme mit temporären Dateien in bzip2
Aktuelle Meldungen Distributionen
Name: Probleme mit temporären Dateien in bzip2
ID: CSSA-2002-039.0
Distribution: Caldera
Plattformen: Caldera Server 3.1, Caldera Workstation 3.1, Caldera Server 3.1.1, Caldera Workstation 3.1.1
Datum: Fr, 1. November 2002, 12:00
Referenzen: Keine Angabe
Applikationen: bzip2

Originalnachricht

--YyxzkC/DtE3JUx8+
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

To: bugtraq@securityfocus.com announce@lists.caldera.com
security-alerts@linuxsecurity.com full-disclosure@lists.netsys.com


______________________________________________________________________________

SCO Security Advisory

Subject: Linux: bzip2 file creation and symbolic link vulnerabilities
Advisory number: CSSA-2002-039.0
Issue date: 2002 October 29
Cross reference:
______________________________________________________________________________


1. Problem Description

From the CVE Archives:

bzip2 does not use the O_EXCL flag to create files during
decompression and does not warn the user if an existing file
would be overwritten, which could allow attackers to overwrite
files via a bzip2 archive.

bzip2 decompresses files with world-readable permissions
before setting the permissions to what is specified in the
bzip2 archive, which could allow local users to read the files
as they are being decompressed.

bzip2 uses the permissions of symbolic links instead of the
actual files when creating an archive, which could cause the
files to be extracted with less restrictive permissions than
intended.


2. Vulnerable Supported Versions

System Package
----------------------------------------------------------------------

OpenLinux 3.1.1 Server prior to bzip2-1.0.0-7MR.i386.rpm
prior to bzip2-devel-1.0.0-7MR.i386.rpm
prior to bzip2-devel-static-1.0.0-7MR.i386.rpm

OpenLinux 3.1.1 Workstation prior to bzip2-1.0.0-7MR.i386.rpm
prior to bzip2-devel-1.0.0-7MR.i386.rpm
prior to bzip2-devel-static-1.0.0-7MR.i386.rpm

OpenLinux 3.1 Server prior to bzip2-1.0.0-7MR.i386.rpm
prior to bzip2-devel-1.0.0-7MR.i386.rpm
prior to bzip2-devel-static-1.0.0-7MR.i386.rpm

OpenLinux 3.1 Workstation prior to bzip2-1.0.0-7MR.i386.rpm
prior to bzip2-devel-1.0.0-7MR.i386.rpm
prior to bzip2-devel-static-1.0.0-7MR.i386.rpm


3. Solution

The proper solution is to install the latest packages. Many
customers find it easier to use the Caldera System Updater, called
cupdate (or kcupdate under the KDE environment), to update these
packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

4.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-039.0/RPMS

4.2 Packages

d54e80dafe3006f18d1d9498078f4bce bzip2-1.0.0-7MR.i386.rpm
7eb4a45c2aa65aafd69fd1ef047e1bfd bzip2-devel-1.0.0-7MR.i386.rpm
b4f91ed45d1e94b2547ce0950b0f49be bzip2-devel-static-1.0.0-7MR.i386.rpm

4.3 Installation

rpm -Fvh bzip2-1.0.0-7MR.i386.rpm
rpm -Fvh bzip2-devel-1.0.0-7MR.i386.rpm
rpm -Fvh bzip2-devel-static-1.0.0-7MR.i386.rpm

4.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-039.0/SRPMS

4.5 Source Packages

8174f956fc4fba3686900cf77ceabf44 bzip2-1.0.0-7MR.src.rpm


5. OpenLinux 3.1.1 Workstation

5.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-039.0/RPMS

5.2 Packages

e15555947c16f663962f38bae73ceb4a bzip2-1.0.0-7MR.i386.rpm
a1d3bf363951dddc3eb745d4b23e7513 bzip2-devel-1.0.0-7MR.i386.rpm
19c8036ab3d61a96c0c09f0c08c78f3b bzip2-devel-static-1.0.0-7MR.i386.rpm

5.3 Installation

rpm -Fvh bzip2-1.0.0-7MR.i386.rpm
rpm -Fvh bzip2-devel-1.0.0-7MR.i386.rpm
rpm -Fvh bzip2-devel-static-1.0.0-7MR.i386.rpm

5.4 Source Package Location

SRPMS

5.5 Source Packages

d428ed2e4ea3f3577c8ff7fa6d7be12e bzip2-1.0.0-7MR.src.rpm


6. OpenLinux 3.1 Server

6.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-039.0/RPMS

6.2 Packages

525d5fe90e5b5aee993e46c665f51ab3 bzip2-1.0.0-7MR.i386.rpm
ec675b025cbae2d59755ce84dc440478 bzip2-devel-1.0.0-7MR.i386.rpm
4a82220ccec70af0a501cd3c1695a2bc bzip2-devel-static-1.0.0-7MR.i386.rpm

6.3 Installation

rpm -Fvh bzip2-1.0.0-7MR.i386.rpm
rpm -Fvh bzip2-devel-1.0.0-7MR.i386.rpm
rpm -Fvh bzip2-devel-static-1.0.0-7MR.i386.rpm

6.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-039.0/SRPMS

6.5 Source Packages

14622634fec6589268c083a375fa50e6 bzip2-1.0.0-7MR.src.rpm


7. OpenLinux 3.1 Workstation

7.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-039.0/RPMS

7.2 Packages

845b6f3c541e902c8a0737694a3e5e42 bzip2-1.0.0-7MR.i386.rpm
f7e1a4fe5697067d4acd8f87309dc032 bzip2-devel-1.0.0-7MR.i386.rpm
99e7937248d59ba576967c40469590d9 bzip2-devel-static-1.0.0-7MR.i386.rpm

7.3 Installation

rpm -Fvh bzip2-1.0.0-7MR.i386.rpm
rpm -Fvh bzip2-devel-1.0.0-7MR.i386.rpm
rpm -Fvh bzip2-devel-static-1.0.0-7MR.i386.rpm

7.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-039.0/SRPMS

7.5 Source Packages

654e85390b806e357e881189b2968b2d bzip2-1.0.0-7MR.src.rpm


8. References

Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0759
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0760
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0761

SCO security resources:
http://www.sco.com/support/security/index.html

This security fix closes SCO incidents sr864842, fz521049,
erg712052.


9. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.


10. Acknowledgements

Volker Schmidt and Philippe Troin discovered and researched
these vulnerabilities.

______________________________________________________________________________

--YyxzkC/DtE3JUx8+
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj2+7QUACgkQbluZssSXDTFvXQCfZvrvl0Jt7RQmC8q4We3+n2ZU
HK4Anj+8tPs9mv+EXA0rTwgWhfMgjIdk
=un3d
-----END PGP SIGNATURE-----

--YyxzkC/DtE3JUx8+--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung