OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Helix Code Security Advisory - Helix GNOME Update
From: Helix Code, Inc. (securityHELIXCODE.COM)
Date: Sun Aug 20 2000 - 02:39:40 CDT


HELIX CODE, INC. SECURITY ADVISORY
securityhelixcode.com Issue Date: 20 Aug 2000

PACKAGES AFFECTED:
Helix GNOME Updater (helix-update), versions 0.1 through 0.5

SYNOPSIS:
A vulnerability in Helix GNOME Update allow non-root users to exploit
world-writable permissions on /tmp, permitting arbitrarily modified RPM
packages to be installed on the system.

DESCRIPTION:
A directory called /tmp/helix-install is used to store downloaded RPM packages
to be installed. If that directory was created by a malicious non-root user
prior to root launching the application, the malicious user could place
arbitrary RPM packages in that directory which could be installed and used to
compromise the security of the system.

SOLUTION:
A new version of the Helix GNOME Updater (0.6) has been released. This new
version fixes this vulnerability by storing downloaded files in
/var/cache/helix-install, which is writable only by root.

AVAILABILITY:
New versions of the Helix GNOME Updater are available immediately from Helix
Code, Inc.

A list of supported distributions, platforms and versions can be found at
http://www.helixcode.com/desktop/download.php3.

For Caldera OpenLinux eDesktop systems:
http://spidermonkey.helixcode.com/distributions/Caldera-2.4/helix-update-0.6-0_helix_2.i386.rpm

For LinuxPPC systems:
http://spidermonkey.helixcode.com/distributions/LinuxPPC/helix-update-0.6.0_helix_2.ppc.rpm

For Linux Mandrake systems:
http://spidermonkey.helixcode.com/distributions/Mandrake/helix-update-0.6-0mdk_helix_2.i586.rpm

For Red Hat Linux systems:
http://spidermonkey.helixcode.com/distributions/RedHat-6/helix-update-0.6-0_helix_2.i386.rpm

For Solaris systems:
http://spidermonkey.helixcode.com/distributions/Solaris/helix-update-0.6-0_helix_1.sparc64.rpm

For SuSE 6.3 systems:
http://spidermonkey.helixcode.com/distributions/SuSE/hupdate-0.6-0_helix_2.i386.rpm

For SuSE 6.4 systems:
http://spidermonkey.helixcode.com/distributions/SuSE-6.4/hupdate-0.6-0_helix_2.i386.rpm

For TurboLinux systems:
http://spidermonkey.helixcode.com/distributions/TurboLinux-6/helix-update-0.6-0_helix_3.i386.rpm

VERIFICATION:
cebf0dfee4b6e3863d6accf18323f143 Caldera-2.4/helix-update-0.6-0_helix_2.i386.rpm
a72044ce71275aafb1aad39efc72abae LinuxPPC/helix-update-0.6-0_helix_2.ppc.rpm
80facf4bc809e462c428a004b0940247 Mandrake/helix-update-0.6-0mdk_helix_2.i586.rpm
0d50980e0206ae3d22364879fc64bb61 RedHat-6/helix-update-0.6-0_helix_2.i386.rpm
1eec4c82ba6a9c7cc2f5645cbcaa5f66 Solaris/helix-update-0.6-0_helix_1.sparc64.rpm
410a4958c95b4426f711d0e5ffae7fb4 SuSE/hupdate-0.6-0_helix_2.i386.rpm
cd5c18a4c9be10c6c311e8785408e6ec SuSE-6.4/hupdate-0.6-0_helix_2.i386.rpm
c539209a2b2f2ab514126964cfaddda1 TurboLinux-6/helix-update-0.6-0_helix_3.i386.rpm

Copyright (C) 2000 Helix Code, Inc.