Login
Newsletter
Werbung

Sicherheit: Unsichere Verwendung von /tmp in mgetty
Aktuelle Meldungen Distributionen
Name: Unsichere Verwendung von /tmp in mgetty
ID: TLSA2001020
Distribution: TurboLinux
Plattformen: Keine Angabe
Datum: Do, 24. Mai 2001, 13:00
Referenzen: Keine Angabe
Applikationen: mgetty

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



____________________________________________________________________________________________
_

Turbolinux Security Announcement

Package: mgetty
Vulnerable Packages: All Turbolinux versions prior to 1.1.22
Date: 05/17/2001 5:00 PDT

Affected Turbolinux platforms: TL Workstation 6.1,
TL Server 6.0.5 and earlier

Turbolinux Advisory ID#: TLSA2001020

Reference: http://www.securityfocus.com/vdb/bottom.html?vid=2187

____________________________________________________________________________________________
_

A security hole was discovered in the package mentioned above.
Please update the packages in your installation as soon as possible.
____________________________________________________________________________________________
_

1. Problem Summary

When mgetty runs, it creates files in the /tmp directory, but it does so
in an insecure fashion, making it quite easy for an attacker to guess the
names
of future /tmp files.

2. Impact

It is possible for an attacker to create symbolic links in the /tmp
directory so
that he can append to or overwrite system files which, under normal
circumstances,
are write-accessible only by the user running the mgetty application(i.e.
root).

3. Solution

Update the packages from our ftp server by using the following procedure:

First, uninstall the previous versions of the mgetty packages by
performing the following commands in the given order:

rpm -e mgetty-voice
rpm -e mgetty-viewfax
rpm -e mgetty-sendfax
rpm -e mgetty

If the package getty_ps is installed, uninstall it as well.

Then, install the updated versions of mgetty using the following command:

rpm -ivh ftp_path_to_filename

Where ftp_path_to_filename is the following:

ftp://ftp.turbolinux.com/pub/updates/6.0/security/mgetty-1.1.22-7.i386.rpm
mgetty-sendfax-1.1.22-7.i386.rpm
mgetty-viewfax-1.1.22-7.i386.rpm
mgetty-voice-1.1.22-7.i386.rpm

The source RPM can be downloaded here:

ftp://ftp.turbolinux.com/pub/updates/6.0/SRPMS/mgetty-1.1.22-7.src.rpm

**Note: You must rebuild and install the RPM if you choose to download
and install the SRPM. Simply installing the SRPM alone WILL NOT CLOSE
THE SECURITY HOLE.

**Be sure to have XFree86-devel installed on your system before
using the source rpm to build the mgetty packages.

Please verify the MD5 checksums of the updates before you install:

MD5 sum Package Name
--------------------------------------------------------------------------------------------
-

5de87256cb97ae7ea6260d28d3af9cc7 mgetty-1.1.22-7.i386.rpm
1187e088aee19db37897437a2d761bb7 mgetty-sendfax-1.1.22-7.i386.rpm
6e723db938b07e0934f1ebc6ac9e2599 mgetty-viewfax-1.1.22-7.i386.rpm
25e990cab0eaa51d3e3efcd867ec7664 mgetty-voice-1.1.22-7.i386.rpm
b3b90b7f6a01722c6f6aad21b6ceaa94 mgetty-1.1.22-7.src.rpm
____________________________________________________________________________________________
_

These packages are GPG signed by Turbolinux for security. Our key
is available here:

http://www.turbolinux.com/security/tlgpgkey.asc

To verify a package, use the following command:

rpm --checksig name_of_rpm

To examine only the md5sum, use the following command:

md5sum name_of_rpm

**Note: Checking GPG keys requires RPM 3.0 or higher.

____________________________________________________________________________________________
_

You can find more updates on our ftp server:

ftp://ftp.turbolinux.com/pub/updates/6.0/security/

for TL6.x Workstation and Server security updates

Our webpage for security announcements:

http://www.turbolinux.com/security

If you want to report vulnerabilities, please contact:

security@turbolinux.com
_____________________________________________________________________________________________
_

Subscribe to the Turbolinux Security Mailing lists:

TL-security - A moderated list for discussing security issues
Turbolinux products.
Subscribe at http://www.turbolinux.com/mailman/listinfo/tl-security

TL-security-announce - An announce-only mailing list for security
updates and alerts. Subscribe at:

http://www.turbolinux.com/mailman/listinfo/tl-security-announce

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: pgpenvelope 2.10.0 - http://pgpenvelope.sourceforge.net/

iD8DBQE7Baikcpw52/ZatwoRAo9/AJ9NQmtN0dmy2zJR3T6J+mFM1gegvACffiau
8gJNM/cUAtL+5f9xyyLVo+c=
=M7Qh
-----END PGP SIGNATURE-----



_______________________________________________
TL-Security-Announce mailing list
TL-Security-Announce@www.turbolinux.com
http://www.turbolinux.com/mailman/listinfo/tl-security-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung