Progeny Security Advisory: Local root vulnerability in sendfiled

Apr 20, 2001, 21:30
From: Progeny Security Team <security@progeny.com>
Subject: PROGENY-SA-2001-08: Local root vulnerability in sendfiled
Date: Fri, 20 Apr 2001 13:11:35 -0500 (EST)

PROGENY LINUX SYSTEMS -- SECURITY ADVISORY               PROGENY-SA-2001-08

    Topic:          Local root vulnerability in sendfiled
    Software:       sendfile
    Announced:      2001-04-19
    Credits:        Colin Phipps <cphipps@doomworld.com>
                    Daniel Kobras
                    Ulli Horlacher <framstag@rus.uni-stuttgart.de>
                    Martin Schulze <joey@infodrom.north.de>
    Affects:        Progeny Debian (sendfile prior to 2.1-24)
                    Debian GNU/Linux potato (sendfile prior to 2.1-20.2)
                    Debian GNU/Linux woody/sid (sendfile prior to 2.1-24)
    Vendor-Status:  New Version Released (sendfile 2.1-24)
    Corrected:      2001-04-20

Progeny Only: NO

$Id: PROGENY-SA-2001-08,v 1.2 2001/04/20 18:05:01 jgoerzen Exp $


DESCRIPTION

Local users on a system may be able to exploit security flaws in sendfiled to obtain root privileges.

SOLUTION (See also: UPDATING VIA APT-GET)

Upgrade to a fixed version of sendfile. sendfile version 2.1-24 corrects the problem. For your convenience, you may upgrade to the sendfile_2.1-24 package.

WORKAROUND

sendfile may not be a vital system utility in every installation. If you prefer, you can remove rather than upgrade sendfile. To remove it, use this command:

dpkg --remove sendfile

UPDATING VIA APT-GET

  1. Ensure that your /etc/apt/sources.list file has a URI for Progeny's update repository:

        deb http://archive.progeny.com/progeny updates/newton/

  2. Update your cache of available packages for apt(8).

     Example:

        # apt-get update

  3. Using apt(8), install the new package. apt(8) will download the update, verify its integrity with md5, and then install the package on your system with dpkg(8).

     Example:

        # apt-get install sendfile

UPDATING VIA DPKG

  1. Use your preferred FTP/HTTP client to retrieve the following updated files from Progeny's update archive at:

        http://archive.progeny.com/progeny/updates/newton/

        MD5 Checksum                      Filename
        --------------------------------  ------------------------
        903eef59cc9253d6d732326eafe9c307  sendfile_2.1-24_i386.deb

     Example:

        # wget \
        http://archive.progeny.com/progeny/updates/newton/sendfile_2.1-24_i386.deb

  2. Use the md5sum command on the retrieved files to verify that they match the md5sum provided in this advisory:

     Example:

        # md5sum sendfile_2.1-24_i386.deb

  3. Then install the replacement package(s) using the dpkg command.

     Example:

        # dpkg --install sendfile_2.1-24_i386.deb
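
The verify and install steps above can be combined so that dpkg never runs on a file whose checksum does not match. The script below is an added example, not part of Progeny's advisory. The function names verify_md5 and install_if_verified are hypothetical, GNU md5sum is assumed, and the checksum and filename are the ones listed in the table above.

```shell
#!/bin/sh
# Added example: fail-closed checksum gate for the UPDATING VIA DPKG steps.
# Function names are hypothetical; GNU md5sum is assumed to be installed.

# Expected MD5 and filename, copied from the advisory's checksum table.
EXPECTED_MD5=903eef59cc9253d6d732326eafe9c307
PKG=sendfile_2.1-24_i386.deb

# verify_md5 FILE EXPECTED
# Returns 0 only if FILE exists and its MD5 equals EXPECTED
# (compared case-insensitively). Returns 1 on mismatch, 2 if FILE
# is missing or cannot be hashed.
verify_md5() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    # md5sum prints "<hash>  <name>"; keep only the hash field.
    actual=$(md5sum -- "$file" | cut -d' ' -f1)
    [ -n "$actual" ] || return 2
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "MD5 mismatch for $file: got $actual, want $expected" >&2
    return 1
}

# install_if_verified FILE EXPECTED
# Runs dpkg only after the checksum matches; on any failure the
# package is left uninstalled and the failure status is returned.
install_if_verified() {
    verify_md5 "$1" "$2" || return $?
    dpkg --install "$1"
}

# Act only when explicitly asked, so sourcing this file has no side effects.
if [ "${1:-}" = "--install" ]; then
    install_if_verified "$PKG" "$EXPECTED_MD5"
fi
```

Run it as root with the --install argument from the directory holding the downloaded package.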

MORE INFORMATION

This issue was first documented at bug #74068 in the Debian GNU/Linux bug tracking system. Information on this bug report is available at http://bugs.debian.org/76048.

Progeny advisories can be found at http://www.progeny.com/security/.


pub 1024D/F92D4D1F 2001-04-04 Progeny Security Team <security@progeny.com>