The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


FreeBSD Security Advisory: FreeBSD-SA-01:12.periodic [REVISED]


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: Mon, 29 Jan 2001 13:06:12 -0800
From: FreeBSD Security Advisories <security-advisories@freebsd.org.>
To: [email protected]
Subject: FreeBSD Security Advisory: FreeBSD-SA-01:12.periodic [REVISED]

-----BEGIN PGP SIGNED MESSAGE-----


FreeBSD-SA-01:12 Security Advisory FreeBSD, Inc. Topic: periodic uses insecure temporary files [REVISED] Category: core Module: periodic Announced: 2001-01-29 Revised: 2001-01-29 Credits: David Lary <dlary@secureworks.net.> Affects: FreeBSD 4.1-STABLE after 2000-09-20, 4.1.1-RELEASE, and 4.1.1-STABLE prior to the correction date. No FreeBSD 3.x versions are affected. Corrected: 2000-11-11 FreeBSD only: Yes 0. Revision History v1.0 2001-01-29 Initial release v1.1 2001-01-29 Correctly credit original problem reporter I. Background periodic is a program to run periodic system functions. II. Problem Description A vulnerability was inadvertently introduced into periodic that caused temporary files with insecure file names to be used in the system's temporary directory. This may allow a malicious local user to cause arbitrary files on the system to be corrupted. By default, periodic is normally called by cron for daily, weekly, and monthly maintenance. Because these scripts run as root, an attacker may potentially corrupt any file on the system. FreeBSD 4.1-STABLE after 2000-09-20, 4.1.1-RELEASE, and 4.1.1-STABLE prior to the correction date are vulnerable. The problem was corrected prior to the release of FreeBSD 4.2. III. Impact Malicious local users can cause arbitrary files on the system to be corrupted. IV. Workaround Do not allow periodic to be used in untrusted multi-user environments. Disable the normal periodic system maintenance scripts by either commenting-out or removing the periodic entries in /etc/crontab. V. Solution One of the following: 1) Upgrade the vulnerable FreeBSD system to 4.1.1-STABLE after the correction date. 2) Affected FreeBSD 4.x systems prior to the correction date: Download the patch and the detached PGP signature from the following locations, and verify the signature using your PGP utility. ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:12/periodic.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:12/periodic.patch.asc Execute the following commands as root: # cd /usr/src/usr.sbin/periodic # patch -p < /path/to/patch # make depend && make all install -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iQCVAwUBOnXa7lUuHi5z0oilAQHW2AP7BP+YRA93Guy+ImRy1O2IHw/6qYBivSA1 fpYrTERUyyBHbe04KypWjloHfzvKIZoYApXdleECkVBPMYwNPNixTYVrU4zR4qbC EjgtF4OhjLjmO/LqbKPiwDC7TEWWi3OtPWwpJlqT7uNoHmg+o6ySTJPPyrpAFuUQ FS8I+DjVESA= =wBFp -----END PGP SIGNATURE-----

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру