freebsd announce - Jan 2001 - FreeBSD Security Advisory: FreeBSD-SA-01:12.periodic

-----BEGIN PGP SIGNED MESSAGE-----

============================================================================FreeBSD-SA-01:12
Security Advisory
                                                                FreeBSD, Inc.

Topic:          periodic uses insecure temporary files

Category:       core
Module:         periodic
Announced:      2001-01-29
Credits:        dynamo <dynamo@ime.net>
Affects:        FreeBSD 4.1-STABLE after 2000-09-20, 4.1.1-RELEASE,
		and 4.1.1-STABLE prior to the correction date.
		No FreeBSD 3.x versions are affected.
Corrected:      2000-11-11
FreeBSD only:   Yes

I.   Background

periodic is a program to run periodic system functions.

II.  Problem Description

A vulnerability was inadvertently introduced into periodic that caused
temporary files with insecure file names to be used in the system's
temporary directory.  This may allow a malicious local user to cause
arbitrary files on the system to be corrupted.

By default, periodic is normally called by cron for daily, weekly, and
monthly maintenance.  Because these scripts run as root, an attacker
may potentially corrupt any file on the system.

FreeBSD 4.1-STABLE after 2000-09-20, 4.1.1-RELEASE, and 4.1.1-STABLE
prior to the correction date are vulnerable.  The problem was
corrected prior to the release of FreeBSD 4.2.

III. Impact

Malicious local users can cause arbitrary files on the system to be
corrupted.

IV.  Workaround

Do not allow periodic to be used in untrusted multi-user environments.

Disable the normal periodic system maintenance scripts by either
commenting-out or removing the periodic entries in /etc/crontab.

V.   Solution

One of the following:

1) Upgrade the vulnerable FreeBSD system to 4.1.1-STABLE after the
correction date.

2) Affected FreeBSD 4.x systems prior to the correction date:

Download the patch and the detached PGP signature from the following
locations, and verify the signature using your PGP utility.

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:12/periodic.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:12/periodic.patch.asc

Execute the following commands as root:

# cd /usr/src/usr.sbin/periodic
# patch -p < /path/to/patch
# make depend && make all install
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org

iQCVAwUBOnXXDlUuHi5z0oilAQF2ngP6AoaNPtHkCuJwT07dKfayh9GH14G1HXsK
SN3LznlLG3CyK4WBVGnx32p5Ct3zP0sO0QS+UAY9hMDMBprkUN6ewfuJ7gjczffv
GgVBeWRxOOdH+/wpYkcTsg7sxKFWqg+xSZAzJEDBAqiFigf/xIrrrCtrDiDvGED2
8/9DxH59f0g=ZUss
-----END PGP SIGNATURE-----


This is the moderated mailing list freebsd-announce.
The list contains announcements of new FreeBSD capabilities,
important events and project milestones.
See also the FreeBSD Web pages at http://www.freebsd.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-announce" in the body of the message