5770108 2000-11-22 18:46 -0200 /71 lines/ <secure@CONECTIVA.COM.BR>
Imported: 2000-11-24 02:27 by Brevbäraren (which is implemented in) Python
External recipient: BUGTRAQ@SECURITYFOCUS.COM
External replies to: secure@CONECTIVA.COM.BR
Recipient: Bugtraq (import) <13865>
Subject: [CLSA-2000:340] Conectiva Linux Security Announcement - modutils
------------------------------------------------------------
From: secure@CONECTIVA.COM.BR
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <200011222046.SAA31456@frajuto.distro.conectiva>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----------------------------------------------------------------------
                   CONECTIVA LINUX SECURITY ANNOUNCEMENT
- -----------------------------------------------------------------------

PACKAGE           : modutils
SUMMARY           : Local root exploit in modutils
DATE              : 2000-11-22 18:46:00
ID                : CLSA-2000:340
RELEVANT RELEASES : 5.1

- ----------------------------------------------------------------------

DESCRIPTION
 The modutils package contains a utility called modprobe which is
 normally used by the kernel when loading modules on demand. In versions
 higher than 2.1.121, the modprobe utility could be tricked into
 executing commands supplied as a module name.

 A normal user cannot load kernel modules, but he/she can make the kernel
 at least try to load a module with a given name by other means. If, as a
 result, modprobe is called (with root privileges), the commands will be
 executed as root or could at least be interpreted as options for the
 modprobe program.

SOLUTION
 All Conectiva Linux 5.1 users should upgrade immediately. Prior versions
 use modutils 2.1.121 (or earlier), which does not contain this
 vulnerability.

ACKNOWLEDGEMENTS:
 This problem was found by Sebastian Krahmer and first reported to Bugtraq
 by Michal Zalewski. We would like to thank Keith Owens for releasing a
 new version that addresses the security issues.

DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/modutils-2.3.21-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/modutils-2.3.21-1cl.i386.rpm

- ----------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key can be obtained
at http://www.conectiva.com.br/contato
- -----------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://www.conectiva.com.br/suporte/atualizacoes
- ----------------------------------------------------------------------
subscribe:   atualizacoes-anuncio-subscribe@papaleguas.conectiva.com.br
unsubscribe: atualizacoes-anuncio-unsubscribe@papaleguas.conectiva.com.br

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6HDDC42jd0JmAcZARAoGYAJ47H59/8fhWPWWznfGsg6FDlQjq6QCgo09B
RvGgasFckp89sYJPNGmL9uQ=
=TnVy
-----END PGP SIGNATURE-----
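The root cause the advisory describes is a name chosen by an unprivileged user reaching a root-privileged modprobe as an unvalidated string, where it can be read either as shell input or as a modprobe option. The following Python block is an added illustration of that bug class and its mitigation; it is not code from the advisory, from Conectiva or from modutils, and the function names, the allowlist regex, the modprobe flags and the sample module names are assumptions constructed for the example. It contrasts splicing the name into a shell command line with validating it against a strict allowlist, building an argv list for exec without a shell, and ending option parsing with `--` so a name can never be taken as an option.

```python
import re

# Allowlist for names the kernel's on-demand loader may legitimately request:
# first character a letter, digit or underscore, then letters, digits,
# underscore, dot or hyphen, at most 64 characters. A leading hyphen is
# excluded on purpose so the name can never be parsed as an option.
# (Constructed for illustration; it is not the rule modutils itself applies.)
MODULE_NAME_RE = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}")


def is_safe_module_name(name: str) -> bool:
    """True only for a plain module name: no whitespace, shell metacharacters,
    path separators, NUL bytes or leading dash."""
    return MODULE_NAME_RE.fullmatch(name) is not None


def vulnerable_command_line(name: str) -> str:
    """The pattern behind this bug class: the caller-supplied name is spliced
    into one shell command string, so whatever a shell treats specially passes
    through untouched. Returned as a string only; nothing is executed here.
    The flags and path are illustrative assumptions."""
    return "/sbin/modprobe -s -k " + name


def hardened_argv(name: str) -> list:
    """Hardened pattern: validate first, then build an argv list meant for exec
    without a shell, with '--' ending option parsing so the name is always a
    positional argument even if the allowlist were later relaxed."""
    if not is_safe_module_name(name):
        raise ValueError("rejected module name: %r" % name)
    return ["/sbin/modprobe", "-s", "-k", "--", name]


def triage(names) -> dict:
    """For each requested name, report whether the hardened builder accepts it
    and whether the naive string builder would have forwarded it unchanged."""
    report = {}
    for name in names:
        try:
            accepted = hardened_argv(name)[-1] == name
        except ValueError:
            accepted = False
        report[name] = {
            "accepted": accepted,
            "forwarded_verbatim": vulnerable_command_line(name).endswith(name),
        }
    return report


if __name__ == "__main__":
    # Constructed sample requests: two ordinary names, one carrying a shell
    # metacharacter, one that looks like an option, one with a path separator.
    samples = ["net-pf-10", "char-major-10-135", "x;echo hi", "-c", "../x"]
    for name, verdict in triage(samples).items():
        print("%-20r accepted=%-5s forwarded_verbatim=%s"
              % (name, verdict["accepted"], verdict["forwarded_verbatim"]))
```

The allowlist does the real work: the `--` terminator only closes the option-parsing path, and exec with an argv list only closes the shell path, so both are kept as defence in depth behind the validation rather than as a substitute for it.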