Date: Tue, 8 May 2001 12:14:10 -0400
From: EnGarde Secure Linux <[email protected]>
To: [email protected]
Subject: [ESA-20010508-01] glibc local vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
+------------------------------------------------------------------------+
| EnGarde Secure Linux Security Advisory May 08, 2001 |
| http://www.engardelinux.org/ ESA-20010508-01 |
| |
| Package: glibc |
| Summary: glibc local vulnerability |
+------------------------------------------------------------------------+
EnGarde Secure Linux is a secure distribution of Linux that features
improved access control, host and network intrusion detection, Web
based secure remote management, complete e-commerce using AllCommerce,
and integrated open source security tools.
OVERVIEW
- --------
There is a vulnerability in the version of 'glibc' which shipped with
EnGarde Secure Linux version 1.0.1, which can lead to an unprivileged
user overwriting files they should not be able to.
DETAIL
- ------
During the development of EnGarde Secure Linux 1.0.1, an oversight was
made and one of the 2-1-branch patches was inadvertently excluded from
the final glibc package. This makes the version of glibc which shipped
with 1.0.1 vulnerable to several attacks by leveraging the LD_PRELOAD,
LD_PROFILE, and SEGFAULT_OUTPUT_NAME environment variables.
SOLUTION
- --------
All users of EnGarde should upgrade to the most recent version, as
outlined in this advisory. All updates can be found at:
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/
http://ftp.engardelinux.org/pub/engarde/stable/updates/
To install the updated package, execute the command:
rpm -Uvh <filename>
To verify the signature of the updated packages, execute the command:
rpm -Kv <filename>
It is recommended to reboot the machine after this updated package is
installed.
UPDATED PACKAGES
- ----------------
Source Packages:
SRPMS/glibc-2.1.3-1.0.3.src.rpm
MD5 Sum: ac34faa24fb2d09c8b6cc870909c594f
Binary Packages:
i386/glibc-2.1.3-1.0.3.i386.rpm
MD5 Sum: 3493eaa74736bd0a5e22027280168f5e
All i686 users should be using the above i386 RPM.
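The script below is an added example for administrators applying this
update; it is not part of the advisory and is not EnGarde's or Guardian
Digital's own tooling. It ties the SOLUTION and UPDATED PACKAGES sections
together: it reports whether the installed glibc is older than the fixed
2.1.3-1.0.3 release, compares a downloaded package's MD5 sum against the
values published above, and only then runs the "rpm -Kv" signature check
the advisory calls for. The package names and MD5 sums are the advisory's;
the rpm query-format string, the md5sum/md5 fallback, and the policy of
treating anything older than the fixed release as needing the update are
assumptions made here.

```shell
#!/bin/sh
# Added example, not part of ESA-20010508-01: pre-install checks for the glibc
# update. Package names and MD5 sums come from the advisory; the rpm query
# format string and the md5sum/md5 fallback are assumptions about the host.

FIXED_VR="2.1.3-1.0.3"   # version-release of the corrected glibc package

# Published MD5 sums for the updated packages (from the advisory).
expected_md5() {
    case "$1" in
        glibc-2.1.3-1.0.3.src.rpm)  echo "ac34faa24fb2d09c8b6cc870909c594f" ;;
        glibc-2.1.3-1.0.3.i386.rpm) echo "3493eaa74736bd0a5e22027280168f5e" ;;
        *) return 1 ;;
    esac
}

# MD5 of a file: md5sum on Linux, md5 -q on BSD-style systems (assumption).
file_md5() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        md5 -q "$1"
    fi
}

# Succeeds only if the file's MD5 equals the expected hex digest.
verify_md5() {
    want="$2"
    got=$(file_md5 "$1") || return 1
    [ "$got" = "$want" ]
}

# Compare two version-release strings component-wise (split on . and -).
# Prints -1, 0 or 1 for a < b, a = b, a > b.
vercmp() {
    awk -v A="$1" -v B="$2" 'BEGIN {
        na = split(A, a, /[.-]/); nb = split(B, b, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? a[i] + 0 : 0
            y = (i <= nb) ? b[i] + 0 : 0
            if (x < y) { print "-1"; exit }
            if (x > y) { print "1"; exit }
        }
        print "0"
    }'
}

# Policy assumed here: anything older than the fixed release needs updating.
needs_update() {
    [ "$(vercmp "$1" "$FIXED_VR")" = "-1" ]
}

# Installed glibc version-release, via rpm (assumed query format string).
installed_glibc() {
    command -v rpm >/dev/null 2>&1 || return 1
    rpm -q --qf '%{VERSION}-%{RELEASE}\n' glibc
}

# Checksum a downloaded package against the advisory, then let rpm verify its
# signature (rpm -Kv, as the advisory instructs) before it is installed.
preinstall_check() {
    pkg="$1"
    want=$(expected_md5 "$(basename "$pkg")") || { echo "unknown package: $pkg" >&2; return 1; }
    verify_md5 "$pkg" "$want" || { echo "MD5 mismatch: $pkg" >&2; return 1; }
    rpm -Kv "$pkg" || { echo "signature check failed: $pkg" >&2; return 1; }
    echo "OK: $pkg"
}

main() {
    if vr=$(installed_glibc); then
        if needs_update "$vr"; then
            echo "installed glibc $vr is older than $FIXED_VR; update required"
        else
            echo "installed glibc $vr is already at or beyond $FIXED_VR"
        fi
    fi
    for p in "$@"; do preinstall_check "$p"; done
}

# Only run when package paths are given, e.g.:
#   sh check-glibc.sh i386/glibc-2.1.3-1.0.3.i386.rpm
if [ $# -gt 0 ]; then
    main "$@"
fi
```

Run it with the downloaded RPM paths as arguments; a package whose MD5 or
signature does not match is reported and never reaches "rpm -Uvh". The
MD5 comparison catches a corrupted or substituted download, while
"rpm -Kv" against Guardian Digital's public key (listed under REFERENCES)
is what actually ties the package to the vendor.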
REFERENCES
- ----------
Guardian Digital's public key:
http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY
Special thanks go to:
Solar Designer <[email protected]>
glibc's official web site:
http://www.gnu.org/software/glibc/
SecurityFocus Bug ID:
http://www.securityfocus.com/bid/2223
- --------------------------------------------------------------------------
$Id: 2001.05.08-glibc,v 1.1 2001/05/08 16:06:37 rwm Exp $
- --------------------------------------------------------------------------
Author: Ryan W. Maple, <[email protected]>
Copyright 2001, Guardian Digital, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6+BtZHD5cqd57fu0RAnBJAJ42pLp4pdOjLcBKqEfSLGxyceXsPACfYdDR
MZFnc7qwTGSD64kVYo5RPvI=
=7rnP
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
To unsubscribe email [email protected]
with "unsubscribe" in the subject of the message.
Copyright(c) 2001 Guardian Digital, Inc. EnGardeLinux.org
------------------------------------------------------------------------