Title: Bash creates insecure temp files
Released by: Caldera
Date: 24th November 2000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

   Caldera Systems, Inc.  Security Advisory

Subject: bash creates insecure temp files
Advisory number: CSSA-2000-042.0
Issue date: 2000 November, 24
Cross reference:

______________________________________________________________________________


1. Problem Description

   Bash creates temp files for here scripts (here documents) insecurely:
   the file is opened under a predictable name without exclusive creation.
   This can be exploited via a symlink attack to create or write over
   arbitrary files on the system if the shell is run by root.

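   The following C program is an added illustration of the defect class the
   advisory describes and of its standard fix; it is not Caldera's patch and
   not code from the bash source tree. It contrasts a predictable-name
   open() without O_EXCL (the pattern that follows a planted symlink) with an
   O_CREAT|O_EXCL open and with mkstemp(), and runs both inside a private
   directory created under /tmp for the demonstration. The file names,
   the "victim" file and the helper names (open_predictable, open_exclusive,
   heredoc_tmpfile, heredoc_symlink_demo) are constructed for this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* The unsafe pattern behind the advisory: open a predictable, pre-computed
 * temp-file name with O_CREAT but without O_EXCL.  If that name already
 * exists as a symlink, open() follows it and truncates whatever it points to. */
static int open_predictable(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened variant: O_CREAT|O_EXCL makes the kernel refuse any pre-existing
 * path, symlinks included, and report EEXIST instead of following the link. */
static int open_exclusive(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* The fix as a library would write it: mkstemp() picks an unpredictable name
 * and opens it with O_CREAT|O_EXCL in one step.  `template` must end in
 * XXXXXX and is overwritten with the chosen name.  Returns the fd or -1. */
int heredoc_tmpfile(char *template)
{
    return mkstemp(template);
}

/* Sandboxed demonstration in a private directory under /tmp (constructed for
 * this example): a "victim" file is created, a symlink with the predictable
 * temp-file name is planted pointing at it, and the shell-side open is tried.
 * Returns 1 if the victim's contents were clobbered through the link,
 * 0 if the victim survived untouched, -1 on setup failure. */
int heredoc_symlink_demo(int hardened)
{
    char dir[] = "/tmp/heredoc-demo-XXXXXX";
    char victim[PATH_MAX], planted[PATH_MAX], buf[64] = {0};
    const char original[] = "original contents\n";
    int fd, clobbered;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(planted, sizeof planted, "%s/sh-heredoc-1234", dir); /* predictable name */

    fd = open(victim, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0 || write(fd, original, sizeof original - 1) < 0) {
        if (fd >= 0) close(fd);
        return -1;
    }
    close(fd);
    if (symlink(victim, planted) != 0)   /* the precondition the advisory describes */
        return -1;

    fd = hardened ? open_exclusive(planted) : open_predictable(planted);
    if (fd >= 0) {
        (void)write(fd, "here document body\n", 19);
        close(fd);
    }

    fd = open(victim, O_RDONLY);
    if (fd < 0)
        return -1;
    (void)read(fd, buf, sizeof buf - 1);
    close(fd);
    clobbered = strcmp(buf, original) != 0;

    unlink(planted);
    unlink(victim);
    rmdir(dir);
    return clobbered;
}

int main(void)
{
    printf("predictable name, no O_EXCL: victim clobbered = %d\n", heredoc_symlink_demo(0));
    printf("O_CREAT|O_EXCL:              victim clobbered = %d\n", heredoc_symlink_demo(1));
    return 0;
}
```

   With the unsafe open the victim file is truncated and overwritten through
   the link; with O_EXCL the open fails with EEXIST and the victim is
   untouched, which is exactly the property a fixed bash (or any program that
   uses mkstemp) relies on. Note that O_EXCL must be combined with O_CREAT in
   the same call: checking for the file first and creating it afterwards
   reintroduces the race.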

2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux Desktop 2.3        All packages previous to
                                bash-1.14.7-14

   OpenLinux eServer 2.3        All packages previous to
   and OpenLinux eBuilder       bash-1.14.7-14

   OpenLinux eDesktop 2.4       All packages previous to
                                bash-1.14.7-14

3. Solution

   Workaround:

     none

   The proper solution is to upgrade to the fixed packages.


4. OpenLinux Desktop 2.3

   4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       http://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/

       The corresponding source code package can be found at:

       http://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS

   4.2 Verification

       310d7b5b15517054697264fa449b732e  RPMS/bash-1.14.7-14.i386.rpm
       43dcac265abb95860569cd462cb6b870  SRPMS/bash-1.14.7-14.src.rpm

   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following command:

         rpm -Fhv bash-*.i386.rpm

5. OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0

   5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       http://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/

       The corresponding source code package can be found at:

       http://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS

   5.2 Verification

       ca722e9a6b4d69af48044a35f08f2c86  RPMS/bash-1.14.7-14.i386.rpm
       43dcac265abb95860569cd462cb6b870  SRPMS/bash-1.14.7-14.src.rpm

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following command:

         rpm -Fhv bash-*.i386.rpm

6. OpenLinux eDesktop 2.4

   6.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       http://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/

       The corresponding source code package can be found at:

       http://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS

   6.2 Verification

       2c8d2bef0b7a4eefde60f62617ea5932  RPMS/bash-1.14.7-14.i386.rpm
       43dcac265abb95860569cd462cb6b870  SRPMS/bash-1.14.7-14.src.rpm

   6.3 Installing Fixed Packages

       Upgrade the affected packages with the following command:

         rpm -Fhv bash-*.i386.rpm


7. References

   This and other Caldera security resources are located at:

   http://www.calderasystems.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 8322.

8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6HoHf18sy83A/qfwRAgDWAKCJu5RBmoE30QBIU4mn7KUV6x3GJACgtqt1
4DOYkPbKUVm9yUizyKCW0Yw=
=lLAv
-----END PGP SIGNATURE-----