what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

suse.aaabase.txt

suse.aaabase.txt
Posted May 2, 2000
Authored by SuSE Security | Site suse.de

SuSE Security Advisory - aaa_base is the basic package which comes with any SuSE Linux installation. Two vulnerabilities have been found: 1) The cron job /etc/cron.daily/aaa_base does a daily checking of files in /tmp and /var/tmp, where old files will be deleted if configured to do so. Please note that this feature is NOT activated by default. 2) Some system accounts have their homedirectories set to /tmp by default. These are the users games, firewall, wwwrun and nobody on a SuSE 6.4.

tags | vulnerability
systems | linux, suse
SHA-256 | 5a3e2e3231a4460b85f1219b5ea705fbcc5e0ff1be6878fc5be1742a41f15b0a

suse.aaabase.txt

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----


UPDATE INFORMATION

The original announcement pointed to update rpms which were old and did
*NOT* fix the vulnerabilities.

We apologize for this mistake.

______________________________________________________________________________

SuSE Security Announcement

Package: aaabase < 2000.5.2
Date: Tue May 2 21:56:21 CEST 2000

Affected SuSE versions: all
Vulnerability Type: remove any local file(s)
executing attacker supplied commands as non-root
SuSE default package: yes
Other affected systems: unknown
______________________________________________________________________________

A security hole was discovered in the package mentioned above.
Please update as soon as possible or disable the service if you are using
this software on your SuSE Linux installation(s).

Other Linux distributions or operating systems might be affected as
well, please contact your vendor for information about this issue.

Please note that we provide this information on an "as-is" basis only.
There is no warranty whatsoever and no liability for any direct, indirect or
incidental damage arising from this information or the installation of
the update package.
_____________________________________________________________________________

1. Problem Description

aaa_base is the basic package which comes with any SuSE Linux installation.
Two vulnerabilities have been found:

1) The cron job /etc/cron.daily/aaa_base does a daily checking of files in
/tmp and /var/tmp, where old files will be deleted if configured to do so.
Please note this this feature is NOT activated by default

2) Some system accounts have their homedirectories set to /tmp by default.
These are the users games, firewall, wwwrun and nobody on a SuSE 6.4.

2. Impact

1) If the /tmp cleanup is activated, any file or directory can be deleted
by any local user

2) If an attacker creates dot files in /tmp (e.g. bash profiles), these
might be executed if someone uses e.g. "su - nobody" to switch to the
nobody user. This can lead to a compromise of that userid.
This vulnerability is present in several other unix systems as well -
please check all!

3. Solution

1) Update the package from our FTP server.

2) The root user will receive a email with the accounts listed which have
a homedirectory in /tmp. You have to fix this by hand, because some
installations might break if they rely on information saved in the (unsafe)
/tmp homedirectory.
The email will give more information what to do.
______________________________________________________________________________

Please verify these md5 checksums of the updates before installing:
(for SuSE 6.0 please use the 6.1 update rpm)

a8204a4929c139e895f3357021647daa ftp://ftp.suse.com/pub/suse/axp/update/6.1/a1/aaa_base-2000.5.2-0.alpha.rpm
5dee42bd0f531922d0b17d859f3d0d0d ftp://ftp.suse.com/pub/suse/axp/update/6.3/a1/aaa_base-2000.5.2-0.alpha.rpm
da8c74f80983beecf23baa62eea45142 ftp://ftp.suse.com/pub/suse/i386/update/6.1/a1/aaa_base-2000.5.2-0.i386.rpm
9618ec3ae63f4d80527a8e3b5f610fc1 ftp://ftp.suse.com/pub/suse/i386/update/6.2/a1/aaa_base-2000.5.2-0.i386.rpm
db53e002b6be652b31262bf89be0c31a ftp://ftp.suse.com/pub/suse/i386/update/6.4/a1/aaa_base-2000.5.2-0.i386.rpm
488eda289876ba3c14dbffb881dc8726 ftp://ftp.suse.com/pub/suse/ppc/update/6.3/a1/aaa_base-2000.5.2-0.ppc.rpm
______________________________________________________________________________

You can find updates on our ftp-Server:

ftp://ftp.suse.com/pub/suse/i386/update for Intel processors
ftp://ftp.suse.com/pub/suse/axp/update for Alpha processors

or try the following web pages for a list of mirrors:
http://www.suse.de/ftp.html
http://www.suse.com/ftp_new.html

Our webpage for patches:
http://www.suse.de/patches/index.html

Our webpage for security announcements:
http://www.suse.de/security

If you want to report vulnerabilities, please contact
security@suse.de
______________________________________________________________________________

SuSE has got two free security mailing list services to which any
interested party may subscribe:

suse-security@suse.com - moderated and for general/linux/SuSE
security discussions. All SuSE security
announcements are sent to this list.

suse-security-announce@suse.com - SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent
to this list.

To subscribe to the list, send a message to:
<suse-security-subscribe@suse.com>

To remove your address from the list, send a message to:
<suse-security-unsubscribe@suse.com>

Send mail to the following for info and FAQ for this list:
<suse-security-info@suse.com>
<suse-security-faq@suse.com>

_____________________________________________________________________________

This information is provided freely to everyone interested and may
be redistributed provided that it is not altered in any way.

Type Bits/KeyID Date User ID
pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <security@suse.de>

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close