82941 2002-10-31  23:14  /162 lines/  <security@caldera.com>
Imported: 2002-10-31  23:14  by Brevbäraren
External recipient: bugtraq@securityfocus.com
External recipient: announce@lists.caldera.com
External recipient: security-alerts@linuxsecurity.com
External recipient: full-disclosure@lists.netsys.com
External replies to: please_reply_to_security@caldera.com
Recipient: Bugtraq (import) <2178>
Subject: Security Update: [CSSA-2002-043.0] Linux: chfn (util-linux) temp file race vulnerability
------------------------------------------------------------
To: bugtraq@securityfocus.com announce@lists.caldera.com security-alerts@linuxsecurity.com full-disclosure@lists.netsys.com

______________________________________________________________________________

			SCO Security Advisory

Subject:		Linux: chfn (util-linux) temp file race vulnerability 
Advisory number: 	CSSA-2002-043.0
Issue date: 		2002 October 29
Cross reference:
______________________________________________________________________________


1. Problem Description

	The util-linux package is vulnerable to privilege escalation
	because of a race condition in the temporary-file handling of
	the "chfn" utility: the "ptmptmp" file it writes is not removed
	properly.
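	The advisory names the bug class but not the mechanism. The
	script below is an added illustration of that class, written for
	this page; it is not the util-linux chfn source and makes no claim
	about what chfn actually did. It contrasts the generic insecure
	pattern (a fixed-name temporary file opened without O_EXCL and not
	cleaned up when a later step fails) with a hardened one. The file
	name "ptmptmp" is borrowed from the advisory; the scratch
	directory, the passwd-style record text and the function names
	are assumptions of this example.

```shell
#!/bin/sh
# Added example: generic illustration of the "temp file race" bug class named
# in the advisory. NOT util-linux code. "ptmptmp" is the name the advisory
# uses; directory, record text and function names are assumptions of this demo.

# Insecure pattern. A privileged tool writes a fixed-name temp file with a
# plain '>' redirection, i.e. open(O_CREAT|O_TRUNC) without O_EXCL, and does
# not remove it if a later step fails. Whatever already sits at that name (a
# stale copy from an aborted run, or a symlink an attacker planted there) is
# followed and overwritten, and the privileged process does the write.
write_tmp_insecure() {
    printf '%s\n' "$2" > "$1"
}

# Hardened pattern. 'set -C' (noclobber) makes the shell open the target with
# O_EXCL and refuse an existing regular file (a symlink to one included), so
# an unexpected file is detected instead of written through. The umask keeps
# the new file private while it is being filled; a failed write removes it.
write_tmp_secure() {
    if ! ( umask 077; set -C; : > "$1" ) 2>/dev/null; then
        echo "refusing $1: already exists (stale temp file or planted link?)" >&2
        return 2
    fi
    printf '%s\n' "$2" >> "$1" || { rm -f "$1"; return 1; }
}

# Commit step: the temp file replaces the real file atomically via rename,
# and the temp name is removed on the failure path too, so a later run never
# finds a leftover under the fixed name.
commit_tmp() {
    if mv -f "$1" "$2"; then
        return 0
    fi
    rm -f "$1"
    return 1
}

# Self-contained demo on a scratch directory (constructed input, not /etc).
demo() {
    d=$(mktemp -d) || return 1
    printf 'root:x:0:0::/root:/bin/sh\n' > "$d/victim"      # stands in for /etc/passwd
    ln -s "$d/victim" "$d/ptmptmp"                           # attacker-planted link
    write_tmp_insecure "$d/ptmptmp" 'evil::0:0::/:/bin/sh'   # silently rewrites victim
    echo "insecure: victim now reads: $(cat "$d/victim")"
    write_tmp_secure "$d/ptmptmp" 'evil::0:0::/:/bin/sh'; echo "secure: rc=$?"
    rm -rf "$d"
}
demo
```

	Noclobber is only the shell-level stand-in for O_EXCL; a C
	program gets the same guarantee from open(2) with
	O_CREAT|O_EXCL, or better, from mkstemp(3) with an unpredictable
	name. Whichever is used, the temp file must be unlinked on every
	error path, which is the part this advisory says chfn got wrong.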


2. Vulnerable Supported Versions

	System				Package
	----------------------------------------------------------------------

	OpenLinux 3.1.1 Server		prior to util-linux-2.11l-5.1.i386.rpm

	OpenLinux 3.1.1 Workstation	prior to util-linux-2.11l-5.1.i386.rpm

	OpenLinux 3.1 Server		prior to util-linux-2.11l-5.1.i386.rpm

	OpenLinux 3.1 Workstation	prior to util-linux-2.11l-5.1.i386.rpm


3. Solution

	The proper solution is to install the latest packages. Many
	customers find it easier to use the Caldera System Updater,
	called cupdate (or kcupdate under the KDE environment), to
	update these packages rather than downloading and installing
	them by hand.


4. OpenLinux 3.1.1 Server

	4.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-043.0/RPMS

	4.2 Packages

	98e88787d222b51faabb2e070938f042  util-linux-2.11l-5.1.i386.rpm

	4.3 Installation

	rpm -Fvh util-linux-2.11l-5.1.i386.rpm

	4.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-043.0/SRPMS

	4.5 Source Packages

	ad191ca704a7ce42122be237bd130130  util-linux-2.11l-5.1.src.rpm


5. OpenLinux 3.1.1 Workstation

	5.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-043.0/RPMS

	5.2 Packages

	41a6998cc6a49350c92e6b39c7fd313b  util-linux-2.11l-5.1.i386.rpm

	5.3 Installation

	rpm -Fvh util-linux-2.11l-5.1.i386.rpm

	5.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-043.0/SRPMS

	5.5 Source Packages

	a94ff2530db09700bcc8ccb245f4c084  util-linux-2.11l-5.1.src.rpm


6. OpenLinux 3.1 Server

	6.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-043.0/RPMS

	6.2 Packages

	bea4d3169f518c9ce5453befdc6c2372  util-linux-2.11l-5.1.i386.rpm

	6.3 Installation

	rpm -Fvh util-linux-2.11l-5.1.i386.rpm

	6.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-043.0/SRPMS

	6.5 Source Packages

	8eda88f37ed5d3ed98a0e6a2e260fe25  util-linux-2.11l-5.1.src.rpm


7. OpenLinux 3.1 Workstation

	7.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-043.0/RPMS

	7.2 Packages

	4bdca72dec95ca197a2e623aa940b14e  util-linux-2.11l-5.1.i386.rpm

	7.3 Installation

	rpm -Fvh util-linux-2.11l-5.1.i386.rpm

	7.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-043.0/SRPMS

	7.5 Source Packages

	4bef4047eed39cd905dc20efb8a1a9d7  util-linux-2.11l-5.1.src.rpm
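	Sections 4 through 7 list a 32-hex-digit checksum (an MD5
	digest) beside each package, but the installation line hands
	the file to rpm without checking it. The script below is an
	added example, not part of the SCO advisory: it looks up the
	digest the advisory publishes for the binary package of a given
	product, compares it with the downloaded file, and only then
	runs the rpm -Fvh step from the advisory. The digests and the
	package file name are taken from the advisory; the product
	labels used as keys and the function names are this example's
	own.

```shell
#!/bin/sh
# Added example (not part of the SCO advisory): check a downloaded
# util-linux package against the digest the advisory lists for the product
# before freshening it with rpm. Digests and file name come from the
# advisory; product labels and function names are assumptions of this demo.

PKG=util-linux-2.11l-5.1.i386.rpm

# Map a product label to the digest the advisory lists for $PKG.
expected_md5_for() {
    case "$1" in
        3.1.1-Server)      echo 98e88787d222b51faabb2e070938f042 ;;
        3.1.1-Workstation) echo 41a6998cc6a49350c92e6b39c7fd313b ;;
        3.1-Server)        echo bea4d3169f518c9ce5453befdc6c2372 ;;
        3.1-Workstation)   echo 4bdca72dec95ca197a2e623aa940b14e ;;
        *) echo "unknown product: $1" >&2; return 1 ;;
    esac
}

# Compare a file's MD5 with an expected digest: 0 on match, 1 otherwise.
verify_md5() {
    actual=$(md5sum "$1" | cut -d' ' -f1) || return 1
    [ "$actual" = "$2" ]
}

# Freshen the installed package only after the digest matches. rpm -F
# (--freshen) upgrades only if an older version is already installed, which
# is why the advisory uses it instead of -i.
install_verified() {
    expected=$(expected_md5_for "$1") || return 1
    if ! verify_md5 "$2" "$expected"; then
        echo "$2: digest mismatch, not installing" >&2
        return 1
    fi
    rpm -Fvh "$2"
}

# Usage, as root in the directory holding the downloaded package, e.g.
# for OpenLinux 3.1.1 Server:
#   install_verified 3.1.1-Server "$PKG"
```

	The digest only proves the download matches what the advisory
	lists; it does not establish who published the advisory, since
	both came over the same channel. The PGP signature attached to
	this message is what covers that, and rpm's own package
	signature check (rpm --checksig) covers the package itself.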


8. References

	Specific references for this advisory:
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0638
		http://www.kb.cert.org/vuls/id/405955
		http://razor.bindview.com/publish/advisories/adv_chfn.html

	SCO security resources:
		http://www.sco.com/support/security/index.html

	This security fix closes SCO incidents sr866639, fz521517,
	erg501629.


9. Disclaimer

	SCO is not responsible for the misuse of any of the
	information we provide on this website and/or through our
	security advisories. Our advisories are a service to our
	customers intended to promote secure installation and use of
	SCO products.


10. Acknowledgements

	The BindView RAZOR Team discovered and researched this
	vulnerability.

______________________________________________________________________________
(82941) / <security@caldera.com>/---------(Reflowed)
Attachment (application/pgp-signature) in text 82942
82942 2002-10-31  23:14  /9 lines/  <security@caldera.com>
Imported: 2002-10-31  23:14  by Brevbäraren
External recipient: bugtraq@securityfocus.com
External recipient: announce@lists.caldera.com
External recipient: security-alerts@linuxsecurity.com
External recipient: full-disclosure@lists.netsys.com
External replies to: please_reply_to_security@caldera.com
Recipient: Bugtraq (import) <2179>
Attachment (text/plain) to text 82941
Subject: Attachment to: Security Update: [CSSA-2002-043.0] Linux: chfn (util-linux) temp file race vulnerability
------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj2/NQwACgkQbluZssSXDTEg7QCghnMdv/biK8Sho82aDUC/IPv3
cEgAnR8Xk6dkjJgTZfGbpIY3fSvpVPYp
=gGOB
-----END PGP SIGNATURE-----
(82942) / <security@caldera.com>/-------------------