---

Home Security

Gentoo Linux Advisories: man, mysql

By 

- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200303-14
- - ---------------------------------------------------------------------

          PACKAGE : mysql
          SUMMARY : remote root exploit
             DATE : 2003-03-18 18:12 UTC
          EXPLOIT : remote
VERSIONS AFFECTED : <3.23.56
    FIXED VERSION : >=3.23.56
              CVE : 

- - ---------------------------------------------------------------------

"This issue has been adressed in 3.23.56 (release build is started
today), and some steps were taken to alleviate the threat.

In particular, MySQL will no longer read config files that are
world-writeable (and SELECT ... OUTFILE always creates world-writeable
files). Also, unlike other options, for --user option the first one will
have the precedence. So if --user is set in /etc/my.cnf (as it is
recommended in the manual), datadir/my.cnf will not be able to override
it."

quote from:
http://marc.theaimsgroup.com/?l=bugtraq&m=104739810523433&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
dev-db/mysql upgrade to mysql-3.23.56 as follows:

emerge sync
emerge mysql
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz
- - ---------------------------------------------------------------------


- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200303-13
- - ---------------------------------------------------------------------

          PACKAGE : man
          SUMMARY : arbitrary code execution
             DATE : 2003-03-18 18:03 UTC
          EXPLOIT : local
VERSIONS AFFECTED : <1.5l
    FIXED VERSION : >=1.5l
              CVE : CAN-2003-0124

- - ---------------------------------------------------------------------

- From advisory:

"man 1.5l was released today, fixing a bug which results in arbitrary code
execution upon reading a specially formatted man file. The basic problem
is, upon finding a string with a quoting problem, the function my_xsprintf
in util.c will return "unsafe" (rather than returning a string which could
be interpreted by the shell). This return value is passed directly to
system(3) - meaning if there is any program named `unsafe`, it will execute
with the privs of the user."

Read the full advisory at:
http://marc.theaimsgroup.com/?l=bugtraq&m=104740927915154&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
sys-apps/man upgrade to man-1.5l as follows:

emerge sync
emerge man
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz
- - ---------------------------------------------------------------------

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.