Date: Wed, 2 Aug 2000 17:11:48 -0300
From: secure@CONECTIVA.COM.BR
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: CONECTIVA LINUX SECURITY ANNOUNCEMENT – mailman
CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : mailman
SUMMARY : Obtaining mailman user privilieges
DATE : 2000-08-02
AFFECTED CONECTIVA VERSIONS : 4.1, 4.2, 5.0 and 5.1
DESCRIPTION
The wrapper program supplied with the mailman package has a format
bug which could be exploited to obtain the privileges of the
mailman user. This user has read and write access to all files of
the mailman package.
Note that this vulnerability can only be exploited by local users
with shell access.
SOLUTION
All mailman users should upgrade to the package listed below.
Besides the security fix, this version also fixes a problem with
the authorization cookie used for the admin pages.
DIRECT DOWNLOAD LINKS TO UPDATED PACKAGES
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.1/i386/mailman-2.0beta5-1cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.2/i386/mailman-2.0beta5-1cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/mailman-2.0beta5-1cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.1/i386/mailman-2.0beta5-1cl.i386.rpm
DIRECT LINK TO THE SOURCE PACKAGES
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.1/SRPMS/mailman-2.0beta5-1cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.2/SRPMS/mailman-2.0beta5-1cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/SRPMS/mailman-2.0beta5-1cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.1/SRPMS/mailman-2.0beta5-1cl.src.rpm
All packages are signed with Conectiva’s PGP key. The key can be
obtained at http://www.conectiva.com.br/conectiva/contato.html