5828588 2000-12-05 10:47 -0700 /146 rader/ Caldera Support Info <sup-info@LOCUTUS4.CALDERASYSTEMS.COM>
Sänt av: joel@lysator.liu.se
Importerad: 2000-12-06 21:24 av Brevbäraren (som är implementerad i) Python
Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM
Externa svar till: sup-info@LOCUTUS4.CALDERASYSTEMS.COM
Mottagare: Bugtraq (import) <14061>
Ärende: Security Update: CSSA-2000-043.0 unsecure temp files in tcsh
------------------------------------------------------------
From: Caldera Support Info <sup-info@LOCUTUS4.CALDERASYSTEMS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <20001205104714.A25766@locutus4.calderasystems.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
Caldera Systems, Inc. Security Advisory
Subject: unsecure temp files in tcsh
Advisory number: CSSA-2000-043.0
Issue date: 2000 December, 1
Cross reference:
______________________________________________________________________________
1. Problem Description
When evaluating a so-called "here script", tcsh writes the
contents of that script to a temporary file, which is created
insecurely. Symlink attacks can be used to make tcsh overwrite
arbitrary files owned by the invoking user.
2. Vulnerable Versions
System Package
-----------------------------------------------------------
OpenLinux Desktop 2.3 All packages previous to
tcsh-6.10.00-2
OpenLinux eServer 2.3 All packages previous to
and OpenLinux eBuilder tcsh-6.10.00-2
OpenLinux eDesktop 2.4 All packages previous to
tcsh-6.10.00-2
3. Solution
Workaround:
none
The proper solution is to upgrade to the fixed packages
4. OpenLinux Desktop 2.3
4.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS
4.2 Verification
9b89b9670997f3352f2e4c8a436db7ff RPMS/tcsh-6.10.00-2.i386.rpm
b917e204011a7df41b0bcdfb3d3669eb
RPMS/tcsh-doc-html-6.10.00-2.i386.rpm
a91cc5ffe8dfe85de3f13b964c514c2f SRPMS/tcsh-6.10.00-2.src.rpm
4.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -q tcsh-doc-html && rpm -e tcsh-doc-html
rpm -Uhv tcsh-*.i386.rpm
5. OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0
5.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS
5.2 Verification
93f84f61debebe75f984135f9a72a32a RPMS/tcsh-6.10.00-2.i386.rpm
44019349df20160c209a3f111f9880d3
RPMS/tcsh-doc-html-6.10.00-2.i386.rpm
a91cc5ffe8dfe85de3f13b964c514c2f SRPMS/tcsh-6.10.00-2.src.rpm
5.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -q tcsh-doc-html && rpm -e tcsh-doc-html
rpm -Uhv tcsh-*.i386.rpm
6. OpenLinux eDesktop 2.4
6.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS
6.2 Verification
93f84f61debebe75f984135f9a72a32a RPMS/tcsh-6.10.00-2.i386.rpm
44019349df20160c209a3f111f9880d3
RPMS/tcsh-doc-html-6.10.00-2.i386.rpm
a91cc5ffe8dfe85de3f13b964c514c2f SRPMS/tcsh-6.10.00-2.src.rpm
6.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -q tcsh-doc-html && rpm -e tcsh-doc-html
rpm -Uhv tcsh-*.i386.rpm
7. References
This and other Caldera security resources are located at:
http://www.calderasystems.com/support/security/index.html
This security fix closes Caldera's internal Problem Report 8134.
8. Disclaimer
Caldera Systems, Inc. is not responsible for the misuse of any of
the information we provide on this website and/or through our
security advisories. Our advisories are a service to our customers
intended to promote secure installation and use of Caldera
OpenLinux.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6K6oh18sy83A/qfwRAsa+AKCyWTacAC7btAAo5dRcp5khv37k9QCgw67k
WZrAChXCsMxQHrwc83wxkNo=
=tE1u
-----END PGP SIGNATURE-----
(5828588) --------------------------------(Ombruten)