Date: Mon, 15 Jan 2001 17:11:05 -0700
From: Caldera Support Info sup-info@LOCUTUS4.CALDERASYSTEMS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Caldera Systems Security Advisory
Caldera Systems, Inc. Security Advisory
Subject: temp file problems in inn
Advisory number: CSSA-2001-001.0
Issue date: 2001 January, 11
Cross reference:
1. Problem Description
INN uses a temporary directory for several operations. Those
operations use it in a unsecure manner, which would allow an
attacker to gain access to the ‘news’ user. Since INN is not
supposed to work in a public temporary directory, please use the
described workaround to change the temp directory to a news private
one.
2. Vulnerable Versions
System Package
OpenLinux Desktop 2.3 All released inn packages OpenLinux eServer 2.3.1 All released inn packages and OpenLinux eBuilder OpenLinux eDesktop 2.4 All released inn packages
3. Solution
Workaround:
Edit /etc/news/inn.conf, change the line
pathtmp: /var/tmp
to read
pathtmp: /var/run/news
After this, restart INN by running as root:
/etc/rc.d/init.d/news stop
/etc/rc.d/init.d/news start
4. OpenLinux Desktop 2.3
No fixed packages released, see workaround above.
5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential
3.0
No fixed packages released, see workaround above.
6. OpenLinux eDesktop 2.4
No fixed packages released, see workaround above.
7. References
This and other Caldera security resources are located at:
http://www.calderasystems.com/support/security/index.html
This security fix closes Caldera’s internal Problem Report
8673.
8. Disclaimer
Caldera Systems, Inc. is not responsible for the misuse of any
of the information we provide on this website and/or through our
security advisories. Our advisories are a service to our customers
intended to promote secure installation and use of Caldera
OpenLinux.
9. Acknowledgements
Caldera Systems, Inc. wishes to thank the Team at Immunix, Greg
KH at Wirex and Solar Designer for drawing our attention, and their
cooperation.