Cristian Gafton
2000-Apr-12 08:17 UTC
[SECURITY] RHSA-2000:009-02.text: New gpm packages available
-----BEGIN PGP SIGNED MESSAGE----- - --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: gpm Advisory ID: RHSA-2000:009-02 Issue date: 2000-04-07 Updated on: 2000-04-10 Product: Red Hat Linux Keywords: gpm gpm-root gid 0 priviledge Cross references: N/A - --------------------------------------------------------------------- 1. Topic: gpm-root (part of the gpm packge) fails to drop gid 0 priviledges when executing user commands. 2. Relevant releases/architectures: Red Hat Linux 4.2 - alpha i386 sparc Red Hat Linux 5.2 - i386 alpha sparc Red Hat Linux 6.0 - alpha i386 sparc Red Hat Linux 6.1 - i386 alpha sparc Red Hat Linux 6.2 - alpha i386 sparc 3. Problem description: gpm is a cut and paste utility and mouse server for virtual consoles. As part of this package, the gpm-root program allows people to define menus and actions for display when clicking on the background of current tty. The current gpm-root program fails to correctly give up the group id 0 membership for user defined menus. If you are running gpm-root on your system then you are at risk. 4. Solution: For each RPM for your particular architecture, run: rpm -Fvh [filename] where filename is the name of the RPM. 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info): 10340 - Exploit in gpm-root. 10644 - gpm security problem in gpm-root 6. Obsoleted by: N/A 7. Conflicts with: N/A 8. RPMs required: Red Hat Linux 4.2: alpha: ftp://updates.redhat.com/4.2/alpha/gpm-1.19.1-0.4.2.alpha.rpm intel: ftp://updates.redhat.com/4.2/i386/gpm-1.19.1-0.4.2.i386.rpm sparc: ftp://updates.redhat.com/4.2/sparc/gpm-1.19.1-0.4.2.sparc.rpm sources: ftp://updates.redhat.com/4.2/SRPMS/gpm-1.19.1-0.4.2.src.rpm Red Hat Linux 5.2: intel: ftp://updates.redhat.com/5.2/i386/gpm-1.19.1-0.5.2.i386.rpm alpha: ftp://updates.redhat.com/5.2/alpha/gpm-1.19.1-0.5.2.alpha.rpm sparc: ftp://updates.redhat.com/5.2/sparc/gpm-1.19.1-0.5.2.sparc.rpm sources: ftp://updates.redhat.com/5.2/SRPMS/gpm-1.19.1-0.5.2.src.rpm Red Hat Linux 6.0, 6.1, 6.2: alpha: ftp://updates.redhat.com/6.2/alpha/gpm-1.19.1-1.alpha.rpm intel: ftp://updates.redhat.com/6.2/i386/gpm-1.19.1-1.i386.rpm sparc: ftp://updates.redhat.com/6.2/sparc/gpm-1.19.1-1.sparc.rpm sources: ftp://updates.redhat.com/6.2/SRPMS/gpm-1.19.1-1.src.rpm 9. Verification: MD5 sum Package Name - -------------------------------------------------------------------------- b8278a5d0a867a2fd8e6ac4a927627cb 4.2/alpha/gpm-1.19.1-0.4.2.alpha.rpm c5075756a0f74c36a94c78ccda496412 4.2/sparc/gpm-1.19.1-0.4.2.sparc.rpm b3d87c92880a9bf80d0fd3ff944e907b 4.2/SRPMS/gpm-1.19.1-0.4.2.src.rpm 7112c804fd008e137f8d6551460c10d7 4.2/i386/gpm-1.19.1-0.4.2.i386.rpm 79ebec95b2d6e48f60d4e34cfdee6f93 5.2/i386/gpm-1.19.1-0.5.2.i386.rpm c4cdced5149e773733458c234ede2ac7 5.2/SRPMS/gpm-1.19.1-0.5.2.src.rpm 330e555a09e7b5c85187d348dbf453e6 5.2/alpha/gpm-1.19.1-0.5.2.alpha.rpm 5ceda554f2549c100a88d6370e45e2f6 5.2/sparc/gpm-1.19.1-0.5.2.sparc.rpm 867c4316ec0645fd8e51b674646ef44d 6.2/alpha/gpm-1.19.1-1.alpha.rpm fbeb89d319776e7eb3af1db15679e93f 6.2/sparc/gpm-1.19.1-1.sparc.rpm 86a800ce94206877edc4f6e88272deee 6.2/i386/gpm-1.19.1-1.i386.rpm 8dedce47f4e6aa7bbfb36d9630561cd4 6.2/SRPMS/gpm-1.19.1-1.src.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/corp/contact.html You can verify each package with the following command: rpm --checksig <filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 10. References: http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000322182143.4498.qmail@securityfocus.com Thanks also go to Egmont Koblinger and the members of the Bugtraq list. Cristian - -- - ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBOPSTkfGvxKXU9NkBAQFT2wP/Q1CA/zlLy3sii398LoOgW3KCnQNVlSC4 A1QwJXAzLTKTkifgnkKcxMJ1oQ8Xym7LvvsqIUKICrATeL4zEpBVyls/xx/sDp6x LaMf03yP0ihWnpkKL7/1xqiQ3bq8fAA1FnbpQUvzFZ2uJ+RobiDLQ97G58nLPIn6 MY8sVj6zCks=Lh1D -----END PGP SIGNATURE-----
Maybe Matching Threads
- Re: IPMASQ and lock-up of all terminals ---- Sum mary and update
- [RHSA-2000:045-01] gpm security flaws have been addressed
- SECURITY: RHSA-1999:033 Buffer overflow problem in the inews program
- [RHSA-1999:042-01] screen defaults to not using Unix98 ptys
- Forw: new lpr package