4870099 2000-03-07  07:35  /49 lines/ Postmaster
Recipient: Bugtraq (import) <10112>
Subject: OpenLinux 2.3: rpm_query
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: bugtraq@securityfocus.com
X-Sender: harikiri@juggernaut.el8.org
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID:  <Pine.LNX.4.21.0003041204220.6797-100000@juggernaut.el8.org>
Date:         Sat, 4 Mar 2000 12:32:04 -0800
Reply-To: harikiri <hariki@EL8.ORG>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: harikiri <hariki@EL8.ORG>
X-To:         bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM

This was observed on an OpenLinux 2.3 system, after performing a full
installation of all packages.

NOTE: I didn't see anything on this in the Bugtraq archive, so I'm
assuming it's not a known issue.

[root@noname /root]# rpm -q -f /home/httpd/cgi-bin/rpm_query
OpenLinux-2.3-16
[root@noname /root]#

Issue

The rpm_query cgi allows any individual who can connect to the web
server to obtain a listing of all RPMs installed on the system.

Impact

Attackers may use this information to identify what vulnerable
software packages have been installed.


Recommendation

If this cgi is not required:

	# chmod 0 /home/httpd/cgi-bin/rpm_query

If it is required, use Apache's access control features to restrict
who may use it.


harikiri

-- "Unless you enter the tiger's lair, you cannot get hold of the
tiger's cubs."
(4870099) ------------------------------------------(Reflowed)
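The two remediations recommended above (strip the CGI's permission bits, or keep it but fence it off with Apache's host-based access control) as a small script. This is an added example, not code from the original post or from Caldera; the CGI path is the one named in the advisory, while the allowed networks and the idea of emitting the Apache block for you to paste into httpd.conf are assumptions for illustration.

```sh
#!/bin/sh
# Added example (not part of the original Bugtraq post): lock down a
# world-reachable CGI such as /home/httpd/cgi-bin/rpm_query.

# Strip every permission bit from the CGI so Apache can neither read nor
# execute it. Returns 0 only if the resulting mode really is 000, 2 if the
# file does not exist, 1 if chmod failed.
disable_cgi() {
    cgi="$1"
    [ -f "$cgi" ] || return 2
    chmod 0 "$cgi" || return 1
    # Columns 2-10 of ls -ld are the rwx bits; all dashes means mode 000.
    [ "$(ls -ld "$cgi" | cut -c2-10)" = "---------" ]
}

# Print an Apache 1.3-style <Files> block that denies the CGI to everyone
# except the hosts/networks given as arguments (e.g. 127.0.0.1 10.0.0.0/8).
# Append the output to httpd.conf and restart Apache; the "Allow from"
# sources are whatever your site actually needs, they are not from the post.
apache_restrict_block() {
    cgi_name="$1"; shift
    printf '<Files "%s">\n' "$cgi_name"
    printf '    Order deny,allow\n'
    printf '    Deny from all\n'
    for src in "$@"; do
        printf '    Allow from %s\n' "$src"
    done
    printf '</Files>\n'
}

# Usage (the paths below are from the advisory; the networks are assumed):
#   disable_cgi /home/httpd/cgi-bin/rpm_query
#   apache_restrict_block rpm_query 127.0.0.1 10.0.0.0/8 >> /etc/httpd/httpd.conf
```

`disable_cgi` is the quick fix; if the CGI is genuinely unused, deleting the file outright (as the vendor reply below advises) is cleaner than leaving a mode-000 file around for someone to chmod back. `apache_restrict_block` only restricts by source address, so it does nothing against a caller who is already inside one of the allowed networks.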

4875100 2000-03-08  09:19  /15 lines/ The mail carrier (which is implemented in) Python
Recipient: Bugtraq (import) <10148>
Subject: Re: Caldera OpenLinux 2.3 rpm_query
------------------------------------------------------------
Sorry everyone,

this cgi bin should have been killed long ago. We recommend you
remove it completely. We are in the process of putting together
an update that does just this.

Cheers
Olaf
--
Olaf Kirch         |  --- o --- Nous sommes du soleil we love when we play
okir@monad.swb.de  |    / | \   sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir@caldera.de    +-------------------- Why Not?! -----------------------
         UNIX, n.: Spanish manufacturer of fire extinguishers.
(4875100) ------------------------------------------