Home page logo
/

bugtraq logo Bugtraq mailing list archives

Security Update: bash creates insecure temp files
From: Caldera Support Info <sup-info () LOCUTUS4 CALDERASYSTEMS COM>
Date: Mon, 27 Nov 2000 11:47:31 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________
                   Caldera Systems, Inc.  Security Advisory

Subject:                bash creates insecure temp files
Advisory number:        CSSA-2000-042.0
Issue date:             2000 November, 24
Cross reference:
______________________________________________________________________________


1. Problem Description

   Bash creates temp files for here scripts insecurely.
   This can be exploited via a symlink attack to create
   or write over arbitrary files on the system if the shell
   is run by root.

2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux Desktop 2.3        All packages previous to
                                bash-1.14.7-14

   OpenLinux eServer 2.3        All packages previous to
   and OpenLinux eBuilder       bash-1.14.7-14

   OpenLinux eDesktop 2.4       All packages previous to
                                bash-1.14.7-14

3. Solution

   Workaround:

     none

   The proper solution is to upgrade to the fixed packages

4. OpenLinux Desktop 2.3

   4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS

   4.2 Verification

       310d7b5b15517054697264fa449b732e  RPMS/bash-1.14.7-14.i386.rpm
       43dcac265abb95860569cd462cb6b870  SRPMS/bash-1.14.7-14.src.rpm

   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

          rpm -Fhv bash-*.i386.rpm

5. OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0

   5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS

   5.2 Verification

       ca722e9a6b4d69af48044a35f08f2c86  RPMS/bash-1.14.7-14.i386.rpm
       43dcac265abb95860569cd462cb6b870  SRPMS/bash-1.14.7-14.src.rpm

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

          rpm -Fhv bash-*.i386.rpm

6. OpenLinux eDesktop 2.4

   6.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS

   6.2 Verification

       2c8d2bef0b7a4eefde60f62617ea5932  RPMS/bash-1.14.7-14.i386.rpm
       43dcac265abb95860569cd462cb6b870  SRPMS/bash-1.14.7-14.src.rpm

   6.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

          rpm -Fhv bash-*.i386.rpm

7. References

   This and other Caldera security resources are located at:

   http://www.calderasystems.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 8322.

8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.

______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6HoHf18sy83A/qfwRAgDWAKCJu5RBmoE30QBIU4mn7KUV6x3GJACgtqt1
4DOYkPbKUVm9yUizyKCW0Yw=
=lLAv
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • Security Update: bash creates insecure temp files Caldera Support Info (Nov 29)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault