linux, säkerhet

5770108 2000-11-22 18:46 -0200  /71 rader/  <secure@CONECTIVA.COM.BR>
Importerad: 2000-11-24  02:27  av Brevbäraren (som är implementerad i) Python
Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM
Externa svar till: secure@CONECTIVA.COM.BR
Mottagare: Bugtraq (import) <13865>
Ärende: [CLSA-2000:340] Conectiva Linux Security Announcement - modutils
------------------------------------------------------------
From: secure@CONECTIVA.COM.BR
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <200011222046.SAA31456@frajuto.distro.conectiva>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- -----------------------------------------------------------------------

PACKAGE   : modutils
SUMMARY   : Local root exploit in modutils
DATE      : 2000-11-22 18:46:00
ID        : CLSA-2000:340
RELEVANT
RELEASES  : 5.1

- ----------------------------------------------------------------------

DESCRIPTION
 The modutils package contains an utility called modprobe which is
 normally used by the kernel when loading modules on demand.
 In versions higher that 2.1.121, the modprobe utility could be
 tricked into executing commands supplied as a module name. A normal
 user cannot load kernel modules, but he/she can make the kernel at
 least try to load a module with a given name by other means. If, as a
 result, modprobe is called (with root privileges), the commands will
 be executed as root or could at least be interpreted as options for
 the modprobe program.


SOLUTION
 All Conectiva Linux 5.1 users should upgrade immediately. Prior
 versions use modutils 2.1.121 (or earlier) that does not contain this
 vulnerability.


 ACKNOWLEDGEMENTS:
 This problem was found by Sebastian Krahmer and first reported to
 Bugtraq by Michal Zalewski.
 We would like to thank Keith Owens for releasing a new version that
 addresses the security issues.


DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/modutils-2.3.21-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/modutils-2.3.21-1cl.i386.rpm


- ----------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key can be
obtained at http://www.conectiva.com.br/contato

- -----------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://www.conectiva.com.br/suporte/atualizacoes

- ----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribe@papaleguas.conectiva.com.br
unsubscribe: atualizacoes-anuncio-unsubscribe@papaleguas.conectiva.com.br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6HDDC42jd0JmAcZARAoGYAJ47H59/8fhWPWWznfGsg6FDlQjq6QCgo09B
RvGgasFckp89sYJPNGmL9uQ=
=TnVy
-----END PGP SIGNATURE-----
(5770108) --------------------------------(Ombruten)