From: Caldera Support Info (sup-info at locutus4.calderasystems.com)
Date: Thu Feb 08 2001 - 13:30:43 CST


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    ______________________________________________________________________________
                       Caldera Systems, Inc. Security Advisory

    Subject: security problems in ptrace and sysctl
    Advisory number: CSSA-2001-009.0
    Issue date: 2001 February, 08
    Cross reference:
    ______________________________________________________________________________

    1. Problem Description

       There are two security problems in the 2.2 and 2.4 Linux kernels.

       By passing a negative offset to sysctl(), a local user can read
       large parts of kernel memory.

       In addition, a race condition has been discovered that allows a
       local user to attach with ptrace to a setuid process and modify
       it while it is running; control of a setuid process is enough to
       obtain its privileges.

    2. Vulnerable Versions

       System                          Package
       -----------------------------------------------------------
       OpenLinux 2.3                   All packages previous to
                                       linux-2.2.10-11

       OpenLinux eServer 2.3.1         All packages previous to
       and OpenLinux eBuilder          linux-2.2.14-10S

       OpenLinux eDesktop 2.4          All packages previous to
                                       linux-2.2.14-6

    3. Solution

       Workaround

         none

       The proper solution is to upgrade to the latest packages and
       reboot into the new kernel; the running kernel remains vulnerable
       until the system has been rebooted.

    4. OpenLinux 2.3

       4.1 Location of Fixed Packages

           The upgrade packages can be found on Caldera's FTP site at:
            
           ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/

           The corresponding source code package can be found at:

           ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS

       4.2 Verification

    8a0ef1cedca96379e5a1d1edb9c125ad RPMS/linux-kernel-binary-2.2.10-11.i386.rpm
    f07baace0c59d53e224771ed08ebf997 RPMS/linux-kernel-doc-2.2.10-11.i386.rpm
    32bcd0c87ea21059849f9a2d19f24b96 RPMS/linux-kernel-include-2.2.10-11.i386.rpm
    6d8bf49f14207588b700c85534962f1d RPMS/linux-source-alpha-2.2.10-11.i386.rpm
    05e01990ade901cabc13835fbdbb408d RPMS/linux-source-arm-2.2.10-11.i386.rpm
    0fca33e2c7ba92a6d1bd07800b83a08c RPMS/linux-source-common-2.2.10-11.i386.rpm
    0d779697b36fbad15c66fa5fb050982c RPMS/linux-source-i386-2.2.10-11.i386.rpm
    548b09b70a84f25a7ce1b89e3a08dd52 RPMS/linux-source-m68k-2.2.10-11.i386.rpm
    047d2b9fa3bba181a4cfa24938eb6992 RPMS/linux-source-mips-2.2.10-11.i386.rpm
    f565161051887da728af6a5c9498fd72 RPMS/linux-source-ppc-2.2.10-11.i386.rpm
    d054d7d142f3934dad724764c10c2366 RPMS/linux-source-sparc-2.2.10-11.i386.rpm
    530cd4780c4a2985f7622a6f5d3b0e2d RPMS/linux-source-sparc64-2.2.10-11.i386.rpm
    65294d6f7aa24446d29b8ad0a3e8110e RPMS/pcmcia-cs-3.0.14-2.i386.rpm
    355b3b900f6991ae0952c820af0c47c6 SRPMS/linux-2.2.10-11.src.rpm
    9cdf867c2e9ce4f30ee7c6075dfe44a3 SRPMS/pcmcia-cs-3.0.14-2.src.rpm

       4.3 Installing Fixed Packages

           Upgrade the affected packages with the following commands:

              modprobe loop
              rpm -Fhv linux-*.i386.rpm pcmcia-*i386.rpm

    5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0

       5.1 Location of Fixed Packages

           The upgrade packages can be found on Caldera's FTP site at:

           ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/

           The corresponding source code package can be found at:

           ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS

       5.2 Verification

    9f0c065aa14dea81aa3328cf5714d52b RPMS/iBCS-2.1-5.i386.rpm
    96ba2899df9086fc0f805844fedeff8d RPMS/iBCS-extras-2.1-5.i386.rpm
    e1e8480264cdbb766b0ce72fdbd48210 RPMS/linux-kernel-binary-2.2.14-10S.i386.rpm
    1ee722df6359d24b7e585aacb8551fd9 RPMS/linux-kernel-doc-2.2.14-10S.i386.rpm
    c9645f600529def2cdebf44f6df5570c RPMS/linux-kernel-include-2.2.14-10S.i386.rpm
    8eeed84077d1c91055f39751481ab241 RPMS/linux-source-alpha-2.2.14-10S.i386.rpm
    d73db690f13f3aeb73d1c9f6d39fc041 RPMS/linux-source-arm-2.2.14-10S.i386.rpm
    936b50d5e54a2bc0065d1027cdda9283 RPMS/linux-source-common-2.2.14-10S.i386.rpm
    b2c92124ddda525c79c6eb25999577cd RPMS/linux-source-i386-2.2.14-10S.i386.rpm
    072afe6e635c6db3d3cfc6150d711eb0 RPMS/linux-source-m68k-2.2.14-10S.i386.rpm
    2591caa8b746764296920a56af41e176 RPMS/linux-source-mips-2.2.14-10S.i386.rpm
    e08c380c2f28ad8518921d70e34febff RPMS/linux-source-ppc-2.2.14-10S.i386.rpm
    33337a54e9e4a5b314755d2a510a7e32 RPMS/linux-source-sparc-2.2.14-10S.i386.rpm
    c1eec98091fd9740bf7bfc6532e50820 RPMS/linux-source-sparc64-2.2.14-10S.i386.rpm
    40019cca864690f2c38352a093f364c8 RPMS/pcmcia-cs-3.1.4-2.i386.rpm
    14565258531852898ff0be9b5825dd7d SRPMS/iBCS-2.1-5.src.rpm
    e5497fff424aa61632b022a07bc85912 SRPMS/linux-2.2.14-10S.src.rpm
    5b92f68f680345805e1c77fd44d89a2a SRPMS/pcmcia-cs-3.1.4-2.src.rpm

       5.3 Installing Fixed Packages

           Upgrade the affected packages with the following commands:

              modprobe loop
              rpm -Fvh linux-*i386.rpm pcmcia*i386.rpm iBCS*i386.rpm

    6. OpenLinux eDesktop 2.4

       6.1 Location of Fixed Packages

           The upgrade packages can be found on Caldera's FTP site at:

           ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/

           The corresponding source code package can be found at:

           ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS

       6.2 Verification

    67c7df7f573a831c5c46a643f7930499 RPMS/hwprobe-20000214-3.i386.rpm
    ee79eb927480213cf57df6550086c432 RPMS/iBCS-2.1-9.i386.rpm
    3f958c65965f370b500e9fbefbd0ce55 RPMS/iBCS-extras-2.1-9.i386.rpm
    ff437f5400a7b7e301c233d0ff3a2320 RPMS/iBCS-module-2.1_2.2.14-9.i386.rpm
    a339adde345ce87c95b27e553b597bc4 RPMS/linux-kernel-binary-2.2.14-6.i386.rpm
    686725eb5aa1854b6e805bf0d1697995 RPMS/linux-kernel-doc-2.2.14-6.i386.rpm
    a2b361bea7d2f7a0d56b9e2465d91fa6 RPMS/linux-kernel-include-2.2.14-6.i386.rpm
    de2a84e9016fafe1df142e6587a2af73 RPMS/linux-source-alpha-2.2.14-6.i386.rpm
    af53b5b1bc47489374fd690002345ea7 RPMS/linux-source-arm-2.2.14-6.i386.rpm
    58d12902baae6f3baa693d14a760cbc3 RPMS/linux-source-common-2.2.14-6.i386.rpm
    fbf9fbd017e612d1710170f3d7118c7f RPMS/linux-source-i386-2.2.14-6.i386.rpm
    cad18295f0df7ca1eba19cf97384aeb6 RPMS/linux-source-m68k-2.2.14-6.i386.rpm
    75942d127d7ef9b98c956e7cb4abac6b RPMS/linux-source-mips-2.2.14-6.i386.rpm
    5c94b82aae50f4925d3a64ef9aae6412 RPMS/linux-source-ppc-2.2.14-6.i386.rpm
    84eb1eff37fabd7d0f4df5ae025c0fd3 RPMS/linux-source-sparc-2.2.14-6.i386.rpm
    1624e4bb66a6be2a1982809bf0f25e60 RPMS/linux-source-sparc64-2.2.14-6.i386.rpm
    e34a47ff00e045d7aaa0c321e9444b33 RPMS/pcmcia-cs-3.1.8-2.i386.rpm
    64bb4f963b374c2ae0be9b7cefc458da SRPMS/hwprobe-20000214-3.src.rpm
    0c0a223b294aa311d9f9b3eecd57f2b3 SRPMS/iBCS-2.1-9.src.rpm
    b7d59154a2ec54334b0d26f693336094 SRPMS/linux-2.2.14-6.src.rpm
    141b5dcf89bc6976c5e8a7c15cd27e58 SRPMS/pcmcia-cs-3.1.8-2.src.rpm

       6.3 Installing Fixed Packages

           Upgrade the affected packages with the following commands:

              modprobe loop
              rpm -Fvh linux-*i386.rpm pcmcia*i386.rpm iBCS*i386.rpm hwprobe*i386.rpm
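    The Verification sections above (4.2, 5.2 and 6.2) give one MD5 sum per
    package but no procedure for checking them. The script below is an added
    example, not part of the Caldera advisory, that does this check before the
    rpm -F step in 4.3, 5.3 and 6.3: it reads a list in the advisory's own
    "<md5sum> <path>" format, recomputes each sum against a downloaded
    .../current/ tree, and refuses (exit status 1) if any file is missing or
    differs. It assumes a POSIX sh with GNU or busybox coreutils (md5sum,
    cut, mktemp). The file names and sums in demo() are constructed stand-ins,
    not Caldera packages.

```shell
#!/bin/sh
# Added example (not from the advisory): check downloaded update packages
# against the MD5 list published in an advisory's "Verification" section
# before handing them to rpm -F.
#
# Assumes: POSIX sh, GNU or busybox coreutils (md5sum, cut, mktemp).
# List format is the advisory's own: "<md5sum> <relative path>", one
# package per line, paths relative to the .../current/ tree.

# verify_md5_list LISTFILE DIR
#   Recomputes the MD5 of DIR/<path> for every entry in LISTFILE and
#   compares it with the published sum, printing one line per package.
#   Returns 0 only if every listed file exists and matches; a missing or
#   mismatching file makes it return 1, so it can be chained as
#   "verify_md5_list list.txt . && rpm -Fvh RPMS/linux-*i386.rpm ...".
verify_md5_list() {
    list=$1
    dir=$2
    bad=0
    while read -r want path; do
        # skip blank lines and anything that is not "<32 hex digits> <path>"
        [ -n "$want" ] && [ -n "$path" ] || continue
        case $want in
            *[!0-9a-fA-F]*) continue ;;
        esac
        [ ${#want} -eq 32 ] || continue
        f="$dir/$path"
        if [ ! -f "$f" ]; then
            echo "MISSING  $path"
            bad=1
            continue
        fi
        got=$(md5sum "$f" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then
            echo "OK       $path"
        else
            echo "MISMATCH $path (got $got, advisory says $want)"
            bad=1
        fi
    done < "$list"
    return $bad
}

# demo: constructed sample tree with two stand-in "packages" whose MD5 sums
# are the well-known values for the strings "abc" and "" (not real Caldera
# packages); shows a clean run, then a run after one file was altered.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/RPMS" "$tmp/SRPMS"
    printf 'abc' > "$tmp/RPMS/example-1.0-1.i386.rpm"
    : > "$tmp/SRPMS/example-1.0-1.src.rpm"
    printf '%s RPMS/example-1.0-1.i386.rpm\n%s SRPMS/example-1.0-1.src.rpm\n' \
        900150983cd24fb0d6963f7d28e17f72 d41d8cd98f00b204e9800998ecf8427e \
        > "$tmp/CSSA-list.txt"

    echo "--- untampered tree"
    if verify_md5_list "$tmp/CSSA-list.txt" "$tmp"; then
        echo "all sums match: safe to install"
    fi

    echo "--- after altering one package"
    printf 'abd' > "$tmp/RPMS/example-1.0-1.i386.rpm"
    if ! verify_md5_list "$tmp/CSSA-list.txt" "$tmp"; then
        echo "verification failed: do NOT install"
    fi
    rm -rf "$tmp"
}

demo
```

    Two caveats when using this. A checksum fetched from the same FTP server
    as the packages only detects corruption or truncation; whoever can replace
    the RPMs can usually replace a checksum file too, so take the sums from
    the advisory itself and verify its PGP signature (the list is inside the
    signed text), and run rpm --checksig on packages that carry a signature.
    And rpm -F only installs the new kernel package: the system keeps running
    the old kernel until it is rebooted, so after the reboot compare uname -r
    with the output of rpm -q linux-kernel-binary before considering the
    host fixed.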

    7. References

       This and other Caldera security resources are located at:

       http://www.calderasystems.com/support/security/index.html

       This security fix closes Caldera's internal Problem Report 9042.

    8. Disclaimer

       Caldera Systems, Inc. is not responsible for the misuse of any of the
       information we provide on this website and/or through our security
       advisories. Our advisories are a service to our customers intended to
       promote secure installation and use of Caldera OpenLinux.

    9. Acknowledgements

       Caldera, Inc. wishes to thank Chris Evans, Solar Designer and Alan
       Cox for finding the bugs and their assistance in getting them fixed.

    ______________________________________________________________________________
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.0 (GNU/Linux)
    Comment: For info see http://www.gnupg.org

    iD8DBQE6goQi18sy83A/qfwRApM0AJ9fwIFRqKtq5TzEwL9lJlutOaRspwCgh0/e
    0FFxS+9ycE6XYkEeHVTKcD0=
    =sOaz
    -----END PGP SIGNATURE-----