security_at_caldera.com
Date: Tue Oct 29 2002 - 19:25:32 CST

    To: bugtraq@securityfocus.com announce@lists.caldera.com security-alerts@linuxsecurity.com full-disclosure@lists.netsys.com

    ______________________________________________________________________________

                            SCO Security Advisory

    Subject: Linux: chfn (util-linux) temp file race vulnerability
    Advisory number: CSSA-2002-043.0
    Issue date: 2002 October 29
    Cross reference:
    ______________________________________________________________________________

    1. Problem Description

            The util-linux package is vulnerable to privilege escalation: the
            "ptmptmp" temporary file is not removed properly when the "chfn"
            utility is used.

    2. Vulnerable Supported Versions

            System Package
            ----------------------------------------------------------------------

            OpenLinux 3.1.1 Server prior to util-linux-2.11l-5.1.i386.rpm

            OpenLinux 3.1.1 Workstation prior to util-linux-2.11l-5.1.i386.rpm

            OpenLinux 3.1 Server prior to util-linux-2.11l-5.1.i386.rpm

            OpenLinux 3.1 Workstation prior to util-linux-2.11l-5.1.i386.rpm

    3. Solution

            The proper solution is to install the latest packages. Many
            customers find it easier to use the Caldera System Updater, called
            cupdate (or kcupdate under the KDE environment), to update these
            packages rather than downloading and installing them by hand.

    4. OpenLinux 3.1.1 Server

            4.1 Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-043.0/RPMS

            4.2 Packages

            98e88787d222b51faabb2e070938f042 util-linux-2.11l-5.1.i386.rpm

            4.3 Installation

            rpm -Fvh util-linux-2.11l-5.1.i386.rpm

            4.4 Source Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-043.0/SRPMS

            4.5 Source Packages

            ad191ca704a7ce42122be237bd130130 util-linux-2.11l-5.1.src.rpm

    5. OpenLinux 3.1.1 Workstation

            5.1 Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-043.0/RPMS

            5.2 Packages

            41a6998cc6a49350c92e6b39c7fd313b util-linux-2.11l-5.1.i386.rpm

            5.3 Installation

            rpm -Fvh util-linux-2.11l-5.1.i386.rpm

            5.4 Source Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-043.0/SRPMS

            5.5 Source Packages

            a94ff2530db09700bcc8ccb245f4c084 util-linux-2.11l-5.1.src.rpm

    6. OpenLinux 3.1 Server

            6.1 Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-043.0/RPMS

            6.2 Packages

            bea4d3169f518c9ce5453befdc6c2372 util-linux-2.11l-5.1.i386.rpm

            6.3 Installation

            rpm -Fvh util-linux-2.11l-5.1.i386.rpm

            6.4 Source Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-043.0/SRPMS

            6.5 Source Packages

            8eda88f37ed5d3ed98a0e6a2e260fe25 util-linux-2.11l-5.1.src.rpm

    7. OpenLinux 3.1 Workstation

            7.1 Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-043.0/RPMS

            7.2 Packages

            4bdca72dec95ca197a2e623aa940b14e util-linux-2.11l-5.1.i386.rpm

            7.3 Installation

            rpm -Fvh util-linux-2.11l-5.1.i386.rpm

            7.4 Source Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-043.0/SRPMS

            7.5 Source Packages

            4bef4047eed39cd905dc20efb8a1a9d7 util-linux-2.11l-5.1.src.rpm
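The advisory publishes an MD5 sum next to each package, and the same filename carries a different sum in each of the four product directories. The script below is an added example, not part of the SCO advisory: it checks a downloaded package against the sum listed for the product it came from before handing it to `rpm -Fvh`, and reads back the installed version afterwards. It assumes GNU `md5sum` is available; the `rpm` calls assume an OpenLinux host and are only reached after the checksum matches.

```shell
#!/bin/sh
# Added example (not from the SCO advisory): verify a downloaded update
# package against the MD5 sum the advisory lists before installing it.

# verify_md5 FILE EXPECTED_MD5 -> 0 if FILE's MD5 sum equals EXPECTED_MD5,
# 1 (with a message on stderr) if the file is missing or the sum differs.
verify_md5() {
    file="$1"
    expected="$2"
    [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }
    actual=$(md5sum "$file" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "MD5 mismatch for $file: got $actual, expected $expected" >&2
    return 1
}

# install_if_verified FILE EXPECTED_MD5 -> runs rpm -Fvh only when the
# checksum check passes; returns 1 without touching rpm otherwise.
install_if_verified() {
    verify_md5 "$1" "$2" || return 1
    rpm -Fvh "$1"
}

# installed_version NAME -> prints VERSION-RELEASE of the installed package,
# so the result can be compared with the 2.11l-5.1 the advisory ships.
installed_version() {
    rpm -q --qf '%{VERSION}-%{RELEASE}\n' "$1"
}

# Usage, with the sums the advisory lists per product directory:
#   OpenLinux 3.1.1 Server:       98e88787d222b51faabb2e070938f042
#   OpenLinux 3.1.1 Workstation:  41a6998cc6a49350c92e6b39c7fd313b
#   OpenLinux 3.1 Server:         bea4d3169f518c9ce5453befdc6c2372
#   OpenLinux 3.1 Workstation:    4bdca72dec95ca197a2e623aa940b14e
#
#   install_if_verified util-linux-2.11l-5.1.i386.rpm \
#       98e88787d222b51faabb2e070938f042 && installed_version util-linux
```

Compare against the sum listed for the directory you actually downloaded from; a package fetched from the 3.1.1 Server directory will fail the check against the Workstation sum even though the filename is identical.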

    8. References

            Specific references for this advisory:
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0638
                    http://www.kb.cert.org/vuls/id/405955
                    http://razor.bindview.com/publish/advisories/adv_chfn.html

            SCO security resources:
                    http://www.sco.com/support/security/index.html

            This security fix closes SCO incidents sr866639, fz521517,
            erg501629.

    9. Disclaimer

            SCO is not responsible for the misuse of any of the information
            we provide on this website and/or through our security
            advisories. Our advisories are a service to our customers intended
            to promote secure installation and use of SCO products.

    10. Acknowledgements

            The BindView RAZOR Team discovered and researched this
            vulnerability.

    ______________________________________________________________________________

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (SCO_SV)
    Comment: For info see http://www.gnupg.org

    iEYEARECAAYFAj2/NQwACgkQbluZssSXDTEg7QCghnMdv/biK8Sho82aDUC/IPv3
    cEgAnR8Xk6dkjJgTZfGbpIY3fSvpVPYp
    =gGOB
    -----END PGP SIGNATURE-----