Linux Today: Linux News On Internet Time.




Conectiva Linux Security Announcement - modutils

Nov 24, 2000, 17:34 (0 Talkback[s])

Date: Wed, 22 Nov 2000 18:46:59 -0200
From: secure@CONECTIVA.COM.BR
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: [CLSA-2000:340] Conectiva Linux Security Announcement - modutils


CONECTIVA LINUX SECURITY ANNOUNCEMENT


PACKAGE   : modutils
SUMMARY   : Local root exploit in modutils
DATE      : 2000-11-22 18:46:00
ID        : CLSA-2000:340
RELEVANT
RELEASES  : 5.1

DESCRIPTION
The modutils package contains a utility called modprobe, which is normally invoked by the kernel when it loads modules on demand. In versions higher than 2.1.121, modprobe could be tricked into executing commands supplied as part of a module name. A normal user cannot load kernel modules directly, but he/she can, by other means, make the kernel at least try to load a module with a given name. If modprobe is then called (with root privileges), the commands embedded in the name will be executed as root, or could at least be interpreted as options for the modprobe program.
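The flaw described above is an instance of untrusted input (a module name) reaching a privileged helper that treats it as a command or as options. The following is an added example, not code from Conectiva or from modutils, showing the defensive side: a hypothetical privileged loader that accepts only conservative module names and passes them as an argv element (no shell, with `--` to end option parsing) instead of splicing them into a command string. The `/sbin/modprobe` path and the `--` marker are assumptions about the helper, and the sample names are constructed.

```python
import re

# Added example (not Conectiva's or the modutils code): accept only names
# that can never be read as a shell command or as a modprobe option.
# The first character must not be '-', so the name cannot become an option.
SAFE_MODULE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_.-]*$")


def is_safe_module_name(name: str) -> bool:
    """True for names made only of [A-Za-z0-9_.-] that do not start with '-'.
    Empty strings, whitespace and shell metacharacters are all rejected."""
    return bool(SAFE_MODULE_NAME.match(name))


def vulnerable_command(name: str) -> str:
    """The risky pattern: the untrusted name is spliced into a shell command
    string, so metacharacters inside it become part of the command."""
    return "modprobe " + name


def hardened_argv(name: str) -> list:
    """Build an argv list for a hypothetical privileged loader: no shell is
    involved, and '--' (assumed to be honoured by the helper) ends option
    parsing so the name can only ever be a module name."""
    if not is_safe_module_name(name):
        raise ValueError("refusing unsafe module name: %r" % name)
    return ["/sbin/modprobe", "--", name]


def classify(names):
    """Return {name: 'ok' | 'rejected'} for a batch of candidate names."""
    return {n: ("ok" if is_safe_module_name(n) else "rejected") for n in names}


# Constructed sample input: an ordinary name, a name carrying an appended
# shell command, and a name that a getopt-style parser would read as an option.
SAMPLE_NAMES = ["ppp", "ppp; echo injected", "-Q"]

if __name__ == "__main__":
    for n in SAMPLE_NAMES:
        verdict = classify([n])[n]
        print("%-22r shell string: %-32r -> %s" % (n, vulnerable_command(n), verdict))
```

The allowlist is deliberately stricter than what the kernel permits in a module name; a loader that is invoked with root privileges on behalf of unprivileged callers should reject anything it does not positively recognise rather than try to quote it.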

SOLUTION
All Conectiva Linux 5.1 users should upgrade immediately. Earlier Conectiva Linux releases ship modutils 2.1.121 (or earlier), which does not contain this vulnerability.
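For an administrator with several machines, the practical question is which installed modutils versions fall inside the affected range. This added example (not part of the advisory) parses version strings of the form `rpm -q --qf '%{VERSION}-%{RELEASE}' modutils` would print, treats anything strictly above 2.1.121 as affected, and assumes, based on the updated package named in this advisory, that 2.3.21 is the first version carrying the fix. The host names and versions in `SAMPLE_HOSTS` are constructed.

```python
import re

# Added example (not Conectiva's code). Per the advisory, versions strictly
# higher than 2.1.121 are affected; the update ships 2.3.21, which this
# example assumes to be the first fixed version.
LAST_UNAFFECTED = (2, 1, 121)
FIXED_VERSION = (2, 3, 21)  # assumption: taken from the modutils-2.3.21-1cl package name

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> tuple:
    """Turn '2.3.21' or '2.3.21-1cl' into (2, 3, 21); the package release
    suffix after '-' is ignored because the fix is an upstream version change."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError("unrecognised version string: %r" % text)
    return tuple(int(x) for x in m.groups())


def is_affected(text: str) -> bool:
    """True when the version lies strictly between the last unaffected
    release and the fixed release."""
    return LAST_UNAFFECTED < parse_version(text) < FIXED_VERSION


def audit(hosts: dict) -> list:
    """hosts maps hostname -> installed modutils version string.
    Returns the sorted list of hosts that still need the update."""
    return sorted(h for h, v in hosts.items() if is_affected(v))


# Constructed inventory: one host on the old unaffected line, one on a
# vulnerable 2.3.x build, one already carrying the updated package.
SAMPLE_HOSTS = {
    "cl50-gateway": "2.1.121-3cl",
    "cl51-fileserver": "2.3.9-2cl",
    "cl51-patched": "2.3.21-1cl",
}

if __name__ == "__main__":
    for host in audit(SAMPLE_HOSTS):
        print("%s: modutils %s needs the update" % (host, SAMPLE_HOSTS[host]))
```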

ACKNOWLEDGEMENTS:
This problem was found by Sebastian Krahmer and first reported to Bugtraq by Michal Zalewski. We would like to thank Keith Owens for releasing a new version that addresses the security issues.

DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/modutils-2.3.21-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/modutils-2.3.21-1cl.i386.rpm


All packages are signed with Conectiva's GPG key. The key can be obtained at
http://www.conectiva.com.br/contato


All our advisories and generic update instructions can be viewed at
http://www.conectiva.com.br/suporte/atualizacoes