From: TurboLinux Security Team <security@www1.turbolinux.com>
To: tl-security-announce@www1.turbolinux.com
Subject: [TL-Security-Announce] TLSA2001020 mgetty-1.1.22-7
Date: Fri, 18 May 2001 15:56:23 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_____________________________________________________________________________________________
Turbolinux Security Announcement
Package: mgetty
Vulnerable Packages: All Turbolinux versions prior to 1.1.22
Date: 05/17/2001 5:00 PDT
Affected Turbolinux platforms: TL Workstation 6.1,
TL Server 6.0.5 and earlier
Turbolinux Advisory ID#: TLSA2001020
Reference: http://www.securityfocus.com/vdb/bottom.html?vid=2187
_____________________________________________________________________________________________
A security hole was discovered in the package mentioned above.
Please update the packages in your installation as soon as possible.
_____________________________________________________________________________________________
1. Problem Summary
When mgetty runs, it creates files in the /tmp directory, but it does so
in an insecure fashion, making it quite easy for an attacker to guess the names
of future /tmp files.
2. Impact
It is possible for an attacker to create symbolic links in the /tmp directory so
that he can append to or overwrite system files which, under normal circumstances,
are write-accessible only by the user running the mgetty application (i.e. root).
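The class of bug described in sections 1 and 2, shown as an added example (not code from mgetty or from Turbolinux): a guessable name opened with O_CREAT alone follows a symlink already placed at that name, while O_CREAT|O_EXCL or mkstemp() does not. The helper names, the scratch directory and the file name app.1234 are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Insecure pattern (illustrative, not mgetty's code): a guessable name
 * opened with O_CREAT alone follows a symlink already planted there. */
int open_predictable(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_APPEND, 0600);
}

/* Hardened: O_CREAT|O_EXCL fails with EEXIST if anything, a symlink
 * included, already exists at the name; O_NOFOLLOW is a second guard. */
int open_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Preferred: mkstemp() replaces the trailing "XXXXXX" with an
 * unpredictable suffix and creates the file exclusively, mode 0600. */
int open_unpredictable(char *tmpl) {
    return mkstemp(tmpl);
}

/* Constructed scenario inside a private scratch directory: a symlink at
 * the guessable name points at "victim". Returns victim's size after
 * `opener` is used to write 4 bytes there, or -1 on setup failure. */
long victim_size_after(int (*opener)(const char *)) {
    char dir[] = "/tmp/tmpdemo.XXXXXX", victim[64], guess[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(guess, sizeof guess, "%s/app.1234", dir); /* PID-style name */
    int v = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (v < 0 || symlink(victim, guess) != 0) return -1;
    close(v);
    int fd = opener(guess);
    if (fd >= 0) { if (write(fd, "data", 4) != 4) perror("write"); close(fd); }
    long size = stat(victim, &st) == 0 ? (long)st.st_size : -1;
    unlink(guess); unlink(victim); rmdir(dir);
    return size;
}

int main(void) {
    printf("O_CREAT only: %ld bytes; O_CREAT|O_EXCL: %ld bytes\n",
           victim_size_after(open_predictable), victim_size_after(open_exclusive));
    return 0;
}
```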
3. Solution
Update the packages from our ftp server by using the following procedure:

First, uninstall the previous versions of the mgetty packages by
performing the following commands in the given order:

    rpm -e mgetty-voice
    rpm -e mgetty-viewfax
    rpm -e mgetty-sendfax
    rpm -e mgetty

If the package getty_ps is installed, uninstall it as well.

Then, install the updated versions of mgetty using the following command:

    rpm -ivh ftp_path_to_filename

Where ftp_path_to_filename is the following:

    ftp://ftp.turbolinux.com/pub/updates/6.0/security/mgetty-1.1.22-7.i386.rpm
    ftp://ftp.turbolinux.com/pub/updates/6.0/security/mgetty-sendfax-1.1.22-7.i386.rpm
    ftp://ftp.turbolinux.com/pub/updates/6.0/security/mgetty-viewfax-1.1.22-7.i386.rpm
    ftp://ftp.turbolinux.com/pub/updates/6.0/security/mgetty-voice-1.1.22-7.i386.rpm

The source RPM can be downloaded here:

    ftp://ftp.turbolinux.com/pub/updates/6.0/SRPMS/mgetty-1.1.22-7.src.rpm

**Note: You must rebuild and install the RPM if you choose to download
and install the SRPM. Simply installing the SRPM alone WILL NOT CLOSE
THE SECURITY HOLE.
**Be sure to have XFree86-devel installed on your system before
using the source rpm to build the mgetty packages.

Please verify the MD5 checksums of the updates before you install:

MD5 sum                           Package Name
--------------------------------  --------------------------------
5de87256cb97ae7ea6260d28d3af9cc7  mgetty-1.1.22-7.i386.rpm
1187e088aee19db37897437a2d761bb7  mgetty-sendfax-1.1.22-7.i386.rpm
6e723db938b07e0934f1ebc6ac9e2599  mgetty-viewfax-1.1.22-7.i386.rpm
25e990cab0eaa51d3e3efcd867ec7664  mgetty-voice-1.1.22-7.i386.rpm
b3b90b7f6a01722c6f6aad21b6ceaa94  mgetty-1.1.22-7.src.rpm
_____________________________________________________________________________________________
These packages are GPG signed by Turbolinux for security. Our key
is available here:
http://www.turbolinux.com/security/tlgpgkey.asc

To verify a package, use the following command:

    rpm --checksig name_of_rpm

To examine only the md5sum, use the following command:

    md5sum name_of_rpm

**Note: Checking GPG keys requires RPM 3.0 or higher.
_____________________________________________________________________________________________
You can find more updates on our ftp server:
ftp://ftp.turbolinux.com/pub/updates/6.0/security/
for TL6.x Workstation and Server security updates
Our webpage for security announcements:
http://www.turbolinux.com/security
If you want to report vulnerabilities, please contact:
security@turbolinux.com
______________________________________________________________________________________________
Subscribe to the Turbolinux Security Mailing lists:
TL-security - A moderated list for discussing security issues in
Turbolinux products.
Subscribe at http://www.turbolinux.com/mailman/listinfo/tl-security
TL-security-announce - An announce-only mailing list for security
updates and alerts. Subscribe at:
http://www.turbolinux.com/mailman/listinfo/tl-security-announce
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: pgpenvelope 2.10.0 - http://pgpenvelope.sourceforge.net/
iD8DBQE7Baikcpw52/ZatwoRAo9/AJ9NQmtN0dmy2zJR3T6J+mFM1gegvACffiau
8gJNM/cUAtL+5f9xyyLVo+c=
=M7Qh
-----END PGP SIGNATURE-----