Title: GnoRPM local /tmp vulnerability
Released by:
Date: 2nd October 2000
While fixing other problems with the gnorpm package, a locally exploitable
security hole was found where a normal user could trick root running GnoRPM
into writing to arbitrary files due to a bug in the gnorpm tmp file handling.



A new release of GnoRPM (0.95.1) is now available. This fixes significant
numbers of gnorpm bugs including the security hole. Administrators who use
this program on multi-user machines may well want to update it, and anyone
who uses it regularly will probably appreciate the fact it now works rather
better than before.



All versions of GnoRPM before 0.95 are believed vulnerable.
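
The advisory does not show the faulty code. The block below is an added example, not GnoRPM's code and not part of the advisory: it assumes the common form of this bug class, a predictable temporary file name opened without O_EXCL, and contrasts it with exclusive creation and mkstemp(). The function names and scratch paths are constructed for illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Bug class (assumed, not GnoRPM's code): fixed name, no O_EXCL. open()
 * follows a symlink at `path`, so the writer creates or truncates its target. */
int open_predictable_unsafe(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: O_CREAT|O_EXCL fails with EEXIST if the name already exists,
 * and POSIX requires that to hold even when the name is a symlink. */
int open_exclusive(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Runs both opens against a symlink placed in a private scratch directory.
 * Bit 0: unsafe open wrote through the link. Bit 1: exclusive open refused.
 * Bit 2: mkstemp() produced a fresh file. Returns -1 on setup failure. */
int tmpfile_selfcheck(void)
{
    char dir[] = "/tmp/tmpdemo.XXXXXX";          /* constructed scratch area */
    char target[64], link[64], tmpl[64];
    struct stat st;
    int fd, result = 0;
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(link, sizeof link, "%s/app.tmp", dir);
    snprintf(tmpl, sizeof tmpl, "%s/app.XXXXXX", dir);
    if (symlink(target, link) != 0) return -1;
    fd = open_exclusive(link);                   /* run first: target absent */
    if (fd == -1 && errno == EEXIST && stat(target, &st) == -1) result |= 2;
    if (fd >= 0) close(fd);
    fd = open_predictable_unsafe(link);          /* follows the link */
    if (fd >= 0 && stat(target, &st) == 0) result |= 1;
    if (fd >= 0) close(fd);
    fd = mkstemp(tmpl);                          /* random name, O_EXCL */
    if (fd >= 0) { result |= 4; close(fd); unlink(tmpl); }
    unlink(link); unlink(target); rmdir(dir);
    return result;
}

int main(void) { printf("selfcheck=%d\n", tmpfile_selfcheck()); return 0; }
```
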



MD5Sum:
80521433f88fa09899e9105a24c69ef9 gnorpm-0.95.1.tar.gz

Download sites:
ftp.linux.org.uk:/pub/linux/alan/GNORPM/gnorpm-0.95.1.tar.gz
ftp.gnome.org:/pub/GNOME/stable/sources/gnorpm/gnorpm-0.95.1.tar.gz (soon)



Linux Vendor Update Information:

Conectiva Linux
~~~~~~~~~~~~~~~
http://atualizacoes.conectiva.com.br/
{4.0,4.0es,5.0,5.1,ferramentas/ecommerce,ferramentas/graficas}

MandrakeSoft
~~~~~~~~~~~~
http://www.linux-mandrake.com/cooker/

Red Hat Linux
~~~~~~~~~~~~~
[URLS to be confirmed]

Linux Vendors Not Shipping Gnorpm
Caldera OpenLinux
Debian GNU Linux