OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Local root compromise in GNQS 3.50.6 and 3.50.7
From: Philippe Andersson (philippe_anderssonSTE.SCITEX.COM)
Date: Wed Mar 22 2000 - 06:50:04 CST


A large security hole was uncovered last month in Generic-NQS ver.
3.50.6 and 3.50.7. This hole leads to immediate local root compromise.

All users of those versions are requested to upgrade to ver. 3.50.8 or
later ASAP. The updated package can be downloaded from
<http://ftp.gnqs.org/pub/gnqs/latest/production/Generic-NQS-3.50.9.tar.gz>.
(Please note that versions as of 3.50.8 fail to compile on HP-UX 11.00 -
a fix for this platform should be released later this week).

Users of previous versions are not vulnerable. The fix introduced in
ver. 3.50.8 will also log any attempt at exploiting the vulnerability.

On the request of GNQS Maintainer, Stuart Herbert
<S.Herbertsheffield.ac.uk>, I'm not releasing the actual exploit
technique, since it would allow any 5-year old with an shell account on
the affected system(s) to gain root in no time.

For more information about Generic-NQS, please check
<http://www.gnqs.org/>.

Credit for the discovery goes to Gilbert Mets, Unix System Manager
Scitex Europe, S.A.

Have a nice day.

Ph. A.

--

//\\ \\// ///\\\ SCITEX

/*-----------------------------------------------------------------*/ /* Scitex Europe, S.A. | Philippe Andersson */ /* Dreve Richelle, 161, E-F,| PC & Network Specialist */ /* 1410 WATERLOO | philippe_anderssonste.scitex.com */ /* BELGIUM | +32-2-352.25.93 Fax: +32-2-352.25.84 */ /*-----------------------------------------------------------------*/