
Test ID: 1.3.6.1.4.1.25623.1.0.50516
Category: Mandrake Local Security Checks
Title: Mandrake Security Advisory MDKSA-2004:031-1 (utempter)
Summary: NOSUMMARY
Description:

The remote host is missing an update to utempter
announced via advisory MDKSA-2004:031-1.

Steve Grubb discovered two potential issues in the utempter program:

1) If the path to the device contained /../ or /./ or //, the
program was not exiting as it should. It would be possible to use something
like /dev/../tmp/tty0, and then if /tmp/tty0 were deleted and symlinked
to another important file, programs that have root privileges that do no
further validation can then overwrite whatever the symlink pointed to.

2) Several calls to strncpy without a manual termination of the string.
This would most likely crash utempter.

The updated packages are patched to correct these problems.
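
The path check described in issue 1, as an added example (not code from the utempter patch or from this advisory): a component-wise validator that accepts only paths under /dev/ and rejects empty, "." and ".." components. The function name device_path_ok and the sample paths are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not utempter's own code).
 * Returns 1 if path lies under /dev/ and contains no empty, "." or ".."
 * component, i.e. no "//", "/./" or "/../" sequence; returns 0 otherwise.
 * Walking component by component also rejects a trailing "/.." or "/.",
 * which a plain substring search for "/../" would miss. */
int device_path_ok(const char *path)
{
    static const char prefix[] = "/dev/";
    const char *p;

    if (path == NULL || strncmp(path, prefix, sizeof(prefix) - 1) != 0)
        return 0;

    p = path + sizeof(prefix) - 2;          /* the '/' that ends "/dev" */
    while (*p == '/') {
        const char *comp = p + 1;
        size_t len = strcspn(comp, "/");    /* length of this component */

        if (len == 0)                                   /* "//" or trailing "/" */
            return 0;
        if (len == 1 && comp[0] == '.')                 /* "/./" */
            return 0;
        if (len == 2 && comp[0] == '.' && comp[1] == '.')  /* "/../" */
            return 0;
        p = comp + len;
    }
    return 1;
}

int main(void)
{
    /* Constructed sample paths; the second is the form named in the advisory. */
    const char *samples[] = {
        "/dev/pts/3", "/dev/../tmp/tty0", "/dev/./tty0",
        "/dev//tty0", "/dev/tty0/..", "/tmp/tty0"
    };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-20s %s\n", samples[i],
               device_path_ok(samples[i]) ? "accept" : "reject");
    return 0;
}
```

This is a lexical check only; a privileged caller should still confirm on the opened descriptor (for example with fstat) that the target is the expected character device.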

Update:

The second portion of the patch to address the manual termination of
the string has been determined to be unnecessary, as well as reducing the
length of utmp strings by one character. As such, it has been removed.

Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2


Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:031-1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0233

Risk factor : Medium

CVSS Score: 2.1

Cross Reference: BugTraq ID: 10178
Common Vulnerability Exposure (CVE) ID: CVE-2004-0233
http://www.securityfocus.com/bid/10178
http://security.gentoo.org/glsa/glsa-200405-05.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:031
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979
http://www.redhat.com/support/errata/RHSA-2004-174.html
http://www.redhat.com/support/errata/RHSA-2004-175.html
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404389
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1
XForce ISS Database: utemper-symlink(15904)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15904
Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

© 1998-2024 E-Soft Inc. All rights reserved.