From: Secunia Security Advisories (sec-advsecunia.com)
Date: Tue Jul 01 2003 - 10:22:26 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

TITLE:
Linux Kernel 2.4 execve() Vulnerability

READ ONLINE:
http://www.secunia.com/advisories/9154/

CRITICAL:
Not critical

IMPACT:
Exposure of sensitive information

WHERE:
Local system

OPERATING SYSTEM:
SuSE Linux 8.x
SuSE Linux 7.x
Slackware Linux 9.0
Conectiva Linux 8
Conectiva Linux 9
Linux Kernel 2.4.x
Mandrake Linux 8.x
Mandrake Linux 9.x
RedHat Linux 7.1
RedHat Linux 7.2
RedHat Linux 7.3
RedHat Linux 8.0
RedHat Linux 9
Slackware Linux 8.x
Conectiva Linux 7.0

DESCRIPTION:
A vulnerability has been identified in the 2.4 version of the Linux
kernel, which potentially can be exploited by malicious, local users
to gain knowledge of sensitive information.

The vulnerability is caused due to an error in the "execve()" system
call when handling the file descriptor for the target executable.
This has successfully been exploited to read suid executables, where
the user only had execute permissions.

SOLUTION:
Don't expect that users aren't able to read files, on which they only
have execute permissions. Therefore, sensitive content should not be
placed within such files (eg. perl scripts and shell scripts).

REPORTED BY / CREDITS:
Paul Starzetz

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Contact details:
Web : http://www.secunia.com/
E-mail : supportsecunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]