Package: nedit
Announcement-ID: SuSE-SA:2001:14
Date: Wednesday, April 18th, 2001 13.06 MEST
Affected SuSE versions: [6.1, 6.2] 6.3, 6.4, 7.0, 7.1
Vulnerability Type: local privilege escalation
Severity (1-10): 3
SuSE default package: no
Other affected systems: all systems using nedit
Content of this advisory:
1) security vulnerability resolved: nedit
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
1) problem description, brief discussion, solution, upgrade
information
The Nirvana Editor, NEdit, is a GUI-style text editor based on
popular Macintosh and MS Windows editors.
When printing a whole text or selected parts of a text, nedit(1)
creates a temporary file in an insecure manner. This behavior could
be exploited to gain access to other users' privileges, even
root.
There is no workaround possible, because tmpnam(3) ignores the
TMPDIR environment variable. Just install the new RPM to fix this
problem.
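The insecure pattern described above next to a hardened replacement, as an added example (not NEdit's source or the SuSE patch; `open_print_spool`, `excl_create_refuses_symlink` and the `print-XXXXXX` template are hypothetical names). The second function checks that an exclusive create refuses a name that already exists as a symlink.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern the advisory describes (assumed shape, not NEdit's source):
 *     char *name = tmpnam(NULL);      -- fixed directory, TMPDIR ignored
 *     FILE *fp   = fopen(name, "w");  -- no O_EXCL: an existing symlink at
 *                                        that name is followed and truncated */

/* Hardened form: mkstemp() picks the name and creates the file in one
 * atomic step (O_CREAT|O_EXCL, mode 0600). TMPDIR is honoured. */
int open_print_spool(char *path, size_t len)
{
    const char *dir = getenv("TMPDIR");
    if (dir == NULL || dir[0] != '/')
        dir = "/tmp";
    int n = snprintf(path, len, "%s/print-XXXXXX", dir);
    if (n < 0 || (size_t)n >= len) {
        errno = ENAMETOOLONG;
        return -1;
    }
    return mkstemp(path);   /* fd on success, -1 on error */
}

/* Self-check on a constructed directory: returns 1 when the exclusive create
 * is refused with EEXIST and the link target stays absent, 0 if not, -1 on setup error. */
int excl_create_refuses_symlink(void)
{
    char dir[] = "/tmp/excl-check-XXXXXX", lnk[64], target[64];
    struct stat st;
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(lnk, sizeof lnk, "%s/spool", dir);
    snprintf(target, sizeof target, "%s/target", dir);
    int refused = -1;
    if (symlink(target, lnk) == 0) {
        int fd = open(lnk, O_WRONLY | O_CREAT | O_EXCL, 0600);
        refused = (fd == -1 && errno == EEXIST && stat(target, &st) == -1);
        if (fd != -1) close(fd);
    }
    unlink(target);
    unlink(lnk);
    rmdir(dir);
    return refused;
}
```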
Download the update package from locations described below and
install the package with the command `rpm -Uhv file.rpm'. The
md5sum for each file is in the line below. You can verify the
integrity of the rpm files using the command
`rpm --checksig --nogpg file.rpm', independently from the md5
signatures below.
2) Pending vulnerabilities in SuSE Distributions and
Workarounds:
New RPMs for HylaFax, a Fax Server, are currently being built,
which fix a format bug in hfaxd, which could lead to local root
privilege.
Updated man RPMs will be available in a few days.
In the past weeks, some security related bugs in the Linux
kernel 2.2 and 2.4 were found. An announcement that addresses this
will be released this week.
Samba has several security problems, which could lead to local
root access. Samba 2.0.8 fixes these problems. New RPMs are
currently being built.
3) standard appendix:
SuSE runs two security mailing lists to which any interested
party may subscribe:
The information in this advisory may be distributed or
reproduced, provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.

Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas@suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 84