SA-1997.09.txt
0d4d584cf05c24a87635e7fefb5b4c24ba8db9aea1d5a5873fba0301101de299
-----BEGIN PGP SIGNED MESSAGE-----
Subject: Caldera Security Advisory SA-1997.09: /var/log/messages vulnerability
Caldera Security Advisory SA-1997.09
Original report date: 25-Jun-1997 (actually much earlier)
Original issue date: 8-Jul-1997
Last revised: 22-Jul-1997
Topic: /var/log/messages vulnerability
I. Problem Description
On systems such as Caldera Network Desktop 1.0 and OpenLinux 1.0,
the file /var/log/messages is readable by all users.
Passwords inadvertently mis-typed at the "login:" prompt are recorded
in this log file thus making passwords available or easy to guess.
For this vulnerability to be exposed, the system must have the file
/var/log/messages world readable.
II. Impact
Passwords inadvertently mis-typed at the "login:" prompt (either by
hand or via PPP login scripts) are recorded in this log file thus
making them publicly available or at least easy to guess.
Other security related information may be recorded in this file.
III. Solution
As a permanent fix, make the log file un-readable by others with the
following command:
chmod go-rwx /var/log/messages
Caldera OpenLinux 1.1 is shipped in this state.
IV. References / Credits
This and other Caldera security resources are located at:
http://www.caldera.com/tech-ref/security/
Cataloged on "Reptile's Linux Security Page":
http://www.users.interport.net/~reptile/linux/
One exploit is available from Dave G. (12/06/96) <daveg@escape.com>
at the above web page.
This advisory closes Caldera's internal bug report #814 reported
by Erik Ratcliffe.
$Id: SA-1997.09,v 1.4 1997/07/22 17:19:31 ron Exp $
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBM9Txaen+9R4958LpAQHkUQQAj/Rmu7o/Vzq9t60nxj34FJmoqJIyum0A
ig3dJPFeIY5cccMZjoVQG7xJWoi4SEx5P7bHO4hEzH54tQahc5tSc4Lemj3zETYO
pz0NbWZFBJM1pzyMx1QKrGVkVQ+NLN7DwkBIWw2Tb1MEy8qk10nZ0zjQhKlauMSa
eueAzXsyW+Y=
=AlFk
-----END PGP SIGNATURE-----