6069252 2001-02-08 12:30 -0700 /201 lines/ Caldera Support Info <sup-info@LOCUTUS4.CALDERASYSTEMS.COM>
Sent by: joel@lysator.liu.se
Imported: 2001-02-08 22:29 by Brevbäraren (which is implemented in) Python
External recipient: BUGTRAQ@SECURITYFOCUS.COM
External replies to: sup-info@LOCUTUS4.CALDERASYSTEMS.COM
Recipient: Bugtraq (import) <15304>
Subject: Security Advisory: security problems in ptrace and sysctl
------------------------------------------------------------
CSSA-2001-009.0
From: Caldera Support Info <sup-info@LOCUTUS4.CALDERASYSTEMS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <20010208123042.A10155@locutus4.calderasystems.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
Caldera Systems, Inc. Security Advisory
Subject: security problems in ptrace and sysctl
Advisory number: CSSA-2001-009.0
Issue date: 2001 February, 08
Cross reference:
______________________________________________________________________________
1. Problem Description
There are two security problems in 2.2 and 2.4 kernels.
By passing a negative offset to sysctl(), an attacker can read
large parts of Linux kernel memory.
In addition, a race condition has been discovered that allows
an attacker to attach via ptrace to a setuid process, allowing
him to modify the running process.
2. Vulnerable Versions
System                                  Package
-----------------------------------------------------------
OpenLinux 2.3                           All packages previous to
                                        linux-2.2.10-11
OpenLinux eServer 2.3.1                 All packages previous to
and OpenLinux eBuilder                  linux-2.2.14-10S
OpenLinux eDesktop 2.4                  All packages previous to
                                        linux-2.2.14-6
3. Solution
Workaround
none
The proper solution is to upgrade to the latest packages.
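To decide whether a host still needs this upgrade, the installed kernel package's version-release must be compared against the fixed versions listed in section 2 using rpm's own ordering rules (numeric and alphabetic segments compared separately, as in rpm's rpmvercmp). The following script is an added example, not part of the advisory; it assumes the kernel package is named linux-kernel-binary and that the installed version-release is obtained with `rpm -q --qf '%{VERSION}-%{RELEASE}' linux-kernel-binary`.

```python
import re
import subprocess
import sys

# Fixed kernel package versions from section 2 of the advisory, per product.
FIXED_KERNEL = {
    "OpenLinux 2.3": "2.2.10-11",
    "OpenLinux eServer 2.3.1 and OpenLinux eBuilder": "2.2.14-10S",
    "OpenLinux eDesktop 2.4": "2.2.14-6",
}

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Compare two version or release strings the way rpm does.
    Numeric segments compare as integers, alphabetic ones lexically,
    a numeric segment is newer than an alphabetic one, and the string
    with segments left over is newer. Returns -1, 0 or 1."""
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif x.isdigit() or y.isdigit():
            return 1 if x.isdigit() else -1
        elif x != y:
            return -1 if x < y else 1
    if len(seg_a) == len(seg_b):
        return 0
    return -1 if len(seg_a) < len(seg_b) else 1


def evr_cmp(a: str, b: str) -> int:
    """Compare 'version-release' strings: version first, then release."""
    va, _, ra = a.rpartition("-")
    vb, _, rb = b.rpartition("-")
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def kernel_is_vulnerable(product: str, installed: str) -> bool:
    """True if the installed version-release predates the fixed package."""
    return evr_cmp(installed, FIXED_KERNEL[product]) < 0


if __name__ == "__main__":
    # Usage: python check_kernel.py "OpenLinux 2.3"
    installed = subprocess.run(
        ["rpm", "-q", "--qf", "%{VERSION}-%{RELEASE}", "linux-kernel-binary"],
        capture_output=True, text=True, check=True).stdout.strip()
    print(installed, "vulnerable" if kernel_is_vulnerable(sys.argv[1], installed) else "fixed")
```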
4. OpenLinux 2.3
4.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS
4.2 Verification
4.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
modprobe loop
rpm -Fhv linux-*.i386.rpm pcmcia-*i386.rpm
5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0
5.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS
5.2 Verification
5.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
modprobe loop
rpm -Fvh linux-*i386.rpm pcmcia*i386.rpm iBCS*i386.rpm
6. OpenLinux eDesktop 2.4
6.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS
6.2 Verification
6.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
modprobe loop
rpm -Fvh linux-*i386.rpm pcmcia*i386.rpm iBCS*i386.rpm hwprobe*i386.rpm
7. References
This and other Caldera security resources are located at:
http://www.calderasystems.com/support/security/index.html
This security fix closes Caldera's internal Problem Report 9042.
8. Disclaimer
Caldera Systems, Inc. is not responsible for the misuse of any of
the information we provide on this website and/or through our
security advisories. Our advisories are a service to our customers
intended to promote secure installation and use of Caldera
OpenLinux.
9. Acknowledgements
Caldera, Inc. wishes to thank Chris Evans, Solar Designer and Alan
Cox for finding the bugs and their assistance in getting them
fixed.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6goQi18sy83A/qfwRApM0AJ9fwIFRqKtq5TzEwL9lJlutOaRspwCgh0/e
0FFxS+9ycE6XYkEeHVTKcD0=
=sOaz
-----END PGP SIGNATURE-----