5964417 2001-01-15 17:11 -0700  /99 rader/ Caldera Support Info <sup-info@LOCUTUS4.CALDERASYSTEMS.COM>
Sänt av: joel@lysator.liu.se
Importerad: 2001-01-16  19:56  av Brevbäraren (som är implementerad i) Python
Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM
Externa svar till: sup-info@LOCUTUS4.CALDERASYSTEMS.COM
Mottagare: Bugtraq (import) <14833>
Ärende: Caldera Systems Security Advisory
------------------------------------------------------------
From: Caldera Support Info <sup-info@LOCUTUS4.CALDERASYSTEMS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <20010115171105.A24568@locutus4.calderasystems.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________
		   Caldera Systems, Inc.  Security Advisory

Subject:		temp file problems in inn
Advisory number: 	CSSA-2001-001.0
Issue date: 		2001 January, 11
Cross reference:
______________________________________________________________________________


1. Problem Description

   INN uses a temporary directory for several operations. Those
   operations use it in a unsecure manner, which would allow an
   attacker to gain access to the 'news' user. Since INN is not
   supposed to work in a public temporary directory, please use
   the described workaround to change the temp directory to a
   news private one.


2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux Desktop 2.3        All released inn packages
   				

   OpenLinux eServer 2.3.1      All released inn packages
   and OpenLinux eBuilder

   OpenLinux eDesktop 2.4	All released inn packages


3. Solution

   Workaround:

   Edit /etc/news/inn.conf, change the line
	pathtmp:                /var/tmp
   to read
	pathtmp:                /var/run/news

   After this, restart INN by running as root:

	/etc/rc.d/init.d/news stop
	/etc/rc.d/init.d/news start


4. OpenLinux Desktop 2.3

   No fixed packages released, see workaround above.

5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0

   No fixed packages released, see workaround above.

6. OpenLinux eDesktop 2.4

   No fixed packages released, see workaround above.

7. References

   This and other Caldera security resources are located at:

   http://www.calderasystems.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 8673.

8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of
   the information we provide on this website and/or through our
   security advisories. Our advisories are a service to our customers
   intended to promote secure installation and use of Caldera
   OpenLinux.

9. Acknowledgements

   Caldera Systems, Inc. wishes to thank the Team at Immunix, Greg KH
   at Wirex and Solar Designer for drawing our attention, and their
   cooperation.

______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6X3hx18sy83A/qfwRAg20AKCTUcuEhv34ap/5FdmjCla9/8ZFEwCgxCMl
WtA3Ghi1CPyEvYbE4IS5Clw=
=NSte
-----END PGP SIGNATURE-----
(5964417) --------------------------------(Ombruten)