Home page logo
/

bugtraq logo Bugtraq mailing list archives

[ESA-20010508-01] glibc local vulnerability
From: EnGarde Secure Linux <security () GUARDIANDIGITAL COM>
Date: Tue, 8 May 2001 12:14:10 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


+------------------------------------------------------------------------+
| EnGarde Secure Linux Security Advisory                    May 08, 2001 |
| http://www.engardelinux.org/                           ESA-20010508-01 |
|                                                                        |
| Package:  glibc                                                        |
| Summary:  glibc local vulnerability                                    |
+------------------------------------------------------------------------+

  EnGarde Secure Linux is a secure distribution of Linux that features
  improved access control, host and network intrusion detection, Web
  based secure remote management, complete e-commerce using AllCommerce,
  and integrated open source security tools.


OVERVIEW
- --------
  There is a vulnerability in the version of 'glibc' which shipped with
  EnGarde Secure Linux version 1.0.1, which can lead to an unprivileged
  user overwriting files they should not be able to.


DETAIL
- ------
  During the development of EnGarde Secure Linux 1.0.1, an oversight was
  made and one of the 2-1-branch patches were inadvertently excluded from
  the final glibc package.  This makes the version of glibc which shipped
  with 1.0.1 vulnerable to several attacks by leveraging the LD_PRELOAD,
  LD_PROFILE, and SEGFAULT_OUTPUT_NAME environment variables.


SOLUTION
- --------
  All users of EnGarde should upgrade to the most recent version, as
  outlined in this advisory.  All updates can be found at:

    ftp://ftp.engardelinux.org/pub/engarde/stable/updates/
    http://ftp.engardelinux.org/pub/engarde/stable/updates/

  To install the updated package, execute the command:

    rpm -Uvh <filename>

  To verify the signature of the updated packages, execute the command:

    rpm -Kv <filename>

  It is recommended to reboot the machine after this updated package is
  installed.


UPDATED PACKAGES
- ----------------

  Source Packages:

    SRPMS/glibc-2.1.3-1.0.3.src.rpm
      MD5 Sum:  ac34faa24fb2d09c8b6cc870909c594f

  Binary Packages:

    i386/glibc-2.1.3-1.0.3.i386.rpm
      MD5 Sum:  3493eaa74736bd0a5e22027280168f5e

    All i686 users should be using the above i386 RPM.


REFERENCES
- ----------

  Guardian Digital's public key:
    http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY

  Special thanks go to:
    Solar Designer <solar () openwall com>

  glibc's official web site:
    http://www.gnu.org/software/glibc/

  SecurityFocus Bug ID:
    http://www.securityfocus.com/bid/2223


- --------------------------------------------------------------------------
$Id: 2001.05.08-glibc,v 1.1 2001/05/08 16:06:37 rwm Exp $
- --------------------------------------------------------------------------
Author: Ryan W. Maple, <ryan () guardiandigital com>
Copyright 2001, Guardian Digital, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6+BtZHD5cqd57fu0RAnBJAJ42pLp4pdOjLcBKqEfSLGxyceXsPACfYdDR
MZFnc7qwTGSD64kVYo5RPvI=
=7rnP
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
     To unsubscribe email engarde-security-request () engardelinux org
         with "unsubscribe" in the subject of the message.

Copyright(c) 2001 Guardian Digital, Inc.                EnGardeLinux.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • [ESA-20010508-01] glibc local vulnerability EnGarde Secure Linux (May 08)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]