aru Posted April 19, 2004

MandrakeSoft Security Advisory MDKSA-2004:031 : utempter
April 19th, 2004

Updated utempter packages fix several vulnerabilities

Steve Grubb discovered two potential issues in the utempter program:

1) If the path to the device contained /../ or /./ or //, the program was not exiting as it should. It would be possible to use something like /dev/../tmp/tty0, and then if /tmp/tty0 were deleted and symlinked to another important file, programs that have root privileges that do no further validation can then overwrite whatever the symlink pointed to.

2) Several calls to strncpy without a manual termination of the string. This would most likely crash utempter.

The updated packages are patched to correct these problems.

The released versions of Mandrake GNU/Linux affected are:
9.1
9.2
9.2/AMD64
Multi Network Firewall 8.2
Corporate Server 2.1
10.0

Full information about this advisory, including the updated packages, is available at:
www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:031

Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2004-0233

Posted automatically by aru (mdksec2mub v0.0.8)
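The two issues in the advisory, shown side by side as an added example (this is illustration code written for this page, not utempter's source or MandrakeSoft's patch): a bare prefix check of the weak kind the advisory describes, a hardened check that rejects "/../", "/./" and "//" components so "/dev/../tmp/tty0" can no longer pass as a device, and a copy helper that supplies the manual NUL termination strncpy lacks. Function names and the sample paths are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical "is this a tty device?" test of the weak kind the advisory
 * describes: a bare prefix check. "/dev/../tmp/tty0" passes it even though
 * it names a file under /tmp, which an unprivileged user can delete and
 * replace with a symlink before a root process writes to it. */
bool naive_device_check(const char *path)
{
    return strncmp(path, "/dev/", 5) == 0;
}

/* Hardened check: require the /dev/ prefix AND reject any "..", "." or
 * empty path component, so the path cannot lexically climb out of /dev. */
bool strict_device_check(const char *path)
{
    if (strncmp(path, "/dev/", 5) != 0)
        return false;
    if (path[strlen(path) - 1] == '/')            /* "/dev/" or "/dev/x/" */
        return false;

    const char *p = path + 1;                      /* first component after the root '/' */
    while (*p != '\0') {
        const char *end = strchr(p, '/');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        if (len == 0)                                  /* "//"  */
            return false;
        if (len == 1 && p[0] == '.')                   /* "/./" */
            return false;
        if (len == 2 && p[0] == '.' && p[1] == '.')    /* "/../" */
            return false;
        if (end == NULL)
            break;
        p = end + 1;
    }
    return true;
}

/* strncpy() leaves dst unterminated when src has n or more bytes; the
 * advisory's second issue is exactly that missing manual termination.
 * This copy always terminates and reports whether src fit untruncated. */
bool safe_copy(char *dst, size_t n, const char *src)
{
    if (n == 0)
        return false;
    strncpy(dst, src, n - 1);
    dst[n - 1] = '\0';
    return strlen(src) < n;
}

/* Helper for checking safe_copy: copy src into an n-byte buffer and compare
 * the resulting string and fit flag with what the caller expects. */
bool copy_matches(const char *src, size_t n, const char *expect, bool expect_fit)
{
    char buf[64];
    if (n > sizeof buf)
        return false;
    bool fit = safe_copy(buf, n, src);
    return fit == expect_fit && strcmp(buf, expect) == 0;
}

int main(void)
{
    /* Constructed sample paths, including the attack string from the advisory. */
    const char *paths[] = {
        "/dev/tty0", "/dev/pts/3", "/dev/../tmp/tty0", "/dev/./tty0",
        "/dev//tty0", "/dev/", "/tmp/tty0",
    };
    for (size_t i = 0; i < sizeof paths / sizeof paths[0]; i++)
        printf("%-18s naive=%d strict=%d\n", paths[i],
               naive_device_check(paths[i]), strict_device_check(paths[i]));

    char line[8];
    bool fit = safe_copy(line, sizeof line, "/dev/pts/3");
    printf("safe_copy -> \"%s\" (fit=%d)\n", line, fit);
    return 0;
}
```

The component check only stops lexical escapes from /dev. A symlink that already sits inside /dev, or a directory under /dev that is itself a symlink, still resolves elsewhere, so a privileged writer should additionally open the device with O_NOFOLLOW and confirm with fstat() that it is a character device before writing.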