---

Home Security

Caldera Security Advisory: Security problem (setuid) with dump

By

Caldera Systems, Inc. Security Advisory

Subject: Security problem (setuid) with dump
Advisory number: CSSA-2000-004.0
Issue date: 2000 March, 6
Cross reference:

1. Problem Description

OpenLinux contains a pair of utilities called dump and restore,
intended to support backup and recovery of files.

There is a buffer overflow in the way the dump command handles
certain arguments. This bug can be exploited to obtain group tty
privilege.

2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux Desktop 2.3        All packages previous to
                                dump-0.4b4-8

   OpenLinux eServer 2.3        All packages previous to
                                dump-0.4b4-8

3. Solution

Workaround:

If you do not use dump and restore, remove the RPM:

rpm -e dump

Alternatively, remove the setuid and setgid bit from these
commands:

chmod 555 /sbin/dump /sbin/restore:

The upgrade RPMs provided by Caldera do just this (i.e. removing
the s bits from both binaries).

The proper solution is to upgrade to the fixed packages.

4. OpenLinux Desktop 2.3

4.1 Location of Fixed Packages

The upgrade packages can be found on Caldera’s FTP site at:


ftp://ftp.calderasystems.com/pub/openlinux/updates/2.3/current/RPMS/

The corresponding source code package can be found at:


ftp://ftp.calderaystems.com/pub/openlinux/updates/2.3/current/SRPMS

4.2 Verification

       96136401e7edca0eb43a226ce5adea98  RPMS/dump-0.4b4-8.i386.rpm
       39210c6a3b91cff761e438026379e308  SRPMS/dump-0.4b4-8.src.rpm

4.3 Installing Fixed Packages

Upgrade the affected packages with the following commands:

rpm -F dump-0.4b4-8.i386.rpm

5. OpenLinux eServer 2.3

5.1 Location of Fixed Packages

The upgrade packages can be found on Caldera’s FTP site at:


ftp://ftp.calderasystems.com/pub/eServer/updates/2.3/current/RPMS/

The corresponding source code package can be found at:


ftp://ftp.calderaystems.com/pub/eServer/updates/2.3/current/SRPMS

5.2 Verification

       41e4fe9629bf461123e319f3e4c6abf3  RPMS/dump-0.4b4-8.i386.rpm
       7a8eb6e8254c40d7dcd7f9fe0b5a4890  SRPMS/dump-0.4b4-8.src.rpm

5.3 Installing Fixed Packages

Upgrade the affected packages with the following commands:

rpm -F dump-0.4b4-8.i386.rpm

6. References

This and other Caldera security resources are located at:

http://www.calderasystems.com/support/security/index.html

7. Disclaimer

Caldera Systems, Inc. is not responsible for the misuse of any
of the information we provide on this website and/or through our
security advisories. Our advisories are a service to our customers
intended to promote secure installation and use of Caldera
OpenLinux.

Complete Story
Previous article
Next article

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.