[ Note: We apologize for being late in bringing you this
security advisory. lt-ed. ]
Caldera Systems, Inc. Security Advisory
Subject: Buffer overflow in mount/umount
Advisory number: CSSA-2000-002.0
Issue date: 2000 February, 3
Cross reference:
1. Problem Description
A buffer overflow has been found in the mount and umount
commands, which are setuid root on Caldera OpenLinux. The overflow
does not appear to be exploitable easily (if at all), but we advise
you to upgrade to the fixed package nevertheless.
2. Vulnerable Versions
System Package
OpenLinux Desktop 2.3 All packages previous to
util-linux-2.9s-5
OpenLinux eServer 2.3 All packages previous to
util-linux-2.9s-5S
3. Solution
Workaround:
If you do not need the user mount feature supported by mount and
umount (which lets any user mount and unmount file systems marked
with the “user” keyword in /etc/fstab), you can simply remove the
setuid bit from both commands:
chmod u-s /bin/mount /bin/umount
The proper solution is to upgrade to the fixed packages.
4. OpenLinux Desktop 2.3
4.1 Location of Fixed Packages
The upgrade packages can be found on Caldera’s FTP site at:
ftp://ftp.calderasystems.com/pub/openlinux/updates/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderaystems.com/pub/openlinux/updates/2.3/current/SRPMS
4.2 Verification
a205c83972e14b748401341387c6bfbc
RPMS/util-linux-2.9s-5.i386.rpm
4d84c71dcb533bd8d97000138199da71
SRPMS/util-linux-2.9s-5.src.rpm
4.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -F util-linux-2.9s-5.i386.rpm
5. OpenLinux eServer 2.3
4.1 Location of Fixed Packages
The upgrade packages can be found on Caldera’s FTP site at:
ftp://ftp.calderasystems.com/pub/eServer/updates/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderaystems.com/pub/eServer/updates/2.3/current/SRPMS
4.2 Verification
4a8f8941df47c90e77f1b5d232bfffa0
RPMS/util-linux-2.9s-5S.i386.rpm
292a86f1ad9e5aca120abfdda101c319
SRPMS/util-linux-2.9s-5S.src.rpm
4.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -F util-linux-2.9s-5S.i386.rpm
6. References
This and other Caldera security resources are located at:
http://www.calderasystems.com/support/security/index.html
7. Disclaimer
Caldera Systems, Inc. is not responsible for the misuse of any
of the information we provide on this website and/or through our
security advisories. Our advisories are a service to our customers
intended to promote secure installation and use of Caldera
OpenLinux.