linux, säkerhet

5174384 2000-06-08  09:11  /64 rader/ Postmaster
Mottagare: Bugtraq (import) <11190>
Ärende: Conectiva Linux Security Announcement - cdrecord
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID:  <20000607145101.D8947@conectiva.com.br>
Date:         Wed, 7 Jun 2000 14:51:01 -0300
Reply-To: Sergio Bruder <bruder@CONECTIVA.COM.BR>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: Sergio Bruder <bruder@CONECTIVA.COM.BR>
X-To:         lwn@lwn.net, bos@sekure.org
To: BUGTRAQ@SECURITYFOCUS.COM

CONECTIVA LINUX SECURITY ANNOUNCEMENT


PACKAGE: cdrecord


SUMMARY : Buffer overflow, no effect on default installation
DATE : 2000-JUN-07
AFFECTED CONECTIVA VERSIONS : 5.0


DESCRIPTION
The cdrecord program has a buffer overflow problem in the processing
of the command-line argument "dev=". By exploring this vulnerability,
a local user could make the program execute arbitrary commands.
Conectiva Linux doesn't ship this binary with the SUID or SGID bits
turned on. So, the vulnerability's extent is greatly reduced, not
having the effect of granting higher user privileges.


SOLUTION
If the user needs to activate the SUID or SGID bits for the cdrecord
binary, then an upgrade is strongly recommended. The updated packages
are listed below.


DIRECT DOWNLOAD LINKS TO UPDATED PACKAGES:
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/cdda2wav-1.8-2cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/cdrecord-1.8-2cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/cdrecord-devel-1.8-2cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/mkisofs-1.8-2cl.i386.rpm


SOURCE RPM PACKAGES ARE ALSO AVAILABLE:
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/SRPMS/cdda2wav-1.8-2cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/SRPMS/cdrecord-1.8-2cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/SRPMS/cdrecord-devel-1.8-2cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/SRPMS/mkisofs-1.8-2cl.src.rpm


All packages are signed with Conectiva's PGP key. The key can be
obtained at http://www.conectiva.com.br/conectiva/contato.html


Information on how to install and/or upgrade RPM packages, and
location of mirror sites, can be found at
http://www.conectiva.com.br/atualizacoes

----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribe@bazar.conectiva.com.br
unsubscribe: atualizacoes-anuncio-unsubscribe@bazar.conectiva.com.br
(5174384) ------------------------------------------(Ombruten)