- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT
- - --------------------------------------------------------------------
PACKAGE :tar
SUMMARY :directory-traversal vulnerability
DATE :2002-10-01 12:30 UTC
- - --------------------------------------------------------------------
OVERVIEW
The tar utility contain vulnerabilities which can allow
arbitrary files to be overwritten during archive extraction.
DETAIL
During testing by Redhat of the fix to GNU tar from the advisory below,
it was discovered that GNU tar 1.13.25 was still vulnerable to a
modified version of the same problem.
Read the full original advisory at
http://marc.theaimsgroup.com/?l=bugtraq&m=99496364810666&w=2
SOLUTION
It is recommended that all Gentoo Linux users who are running
sys-apps/tar-1.13.25-r2 and earlier update their systems
as follows:
emerge rsync
emerge tar
emerge clean
- - --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- - --------------------------------------------------------------------
- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT
- - --------------------------------------------------------------------
PACKAGE :fetchmail
SUMMARY :remote vulnerabilities
DATE :2002-10-01 09:30 UTC
- - --------------------------------------------------------------------
OVERVIEW
Stefan Esser from e-matters has discovered several buffer overflows and
a broken boundary check within Fetchmail.
DETAIL
If Fetchmail is running in multidrop mode these flaws can be used by
remote attackers to crash it or to execute arbitrary code with the
permissions of the user running fetchmail. Depending on the configuration
this allows a remote root compromise.
Read the full advisory at
http://security.e-matters.de/advisories/032002.html
SOLUTION
It is recommended that all Gentoo Linux users who are running
net-mail/fetchmai-0.59.14 and earlier update their systems
as follows:
emerge rsync
emerge fetchmail
emerge clean
- - --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- - --------------------------------------------------------------------
- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT
- - --------------------------------------------------------------------
PACKAGE :unzip
SUMMARY :directory-traversal vulnerability
DATE :2002-10-01 10:30 UTC
- - --------------------------------------------------------------------
OVERVIEW
Archive extraction is usually treated by users as a safe operation.
There are few problems with files extraction though.
DETAIL
Among them: huge files with high compression ratio are able to fill
memory/disk (see "Antivirus scanner DoS with zip archives" thread on
Vuln-Dev), special device names and special characters in file names,
directory traversal (dot-dot bug). Probably, directory traversal is
most dangerous among this bugs, because it allows to craft archive
which will trojan system on extraction. This problem is known for
software developers, and newer archivers usually have some kind of
protection. But in some cases this protection is weak and can be
bypassed. I did very quick (approx. 30 minutes, so may be I've missed
something) researches on few popular archivers. Results are below.
Read the full advisory at
http://marc.theaimsgroup.com/?l=bugtraq&m=99496364810666&w=2
SOLUTION
It is recommended that all Gentoo Linux users who are running
app-arch/unzip-5.42-r1 and earlier update their systems
as follows:
emerge rsync
emerge unzip
emerge clean
- - --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- - --------------------------------------------------------------------
- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT
- - --------------------------------------------------------------------
PACKAGE :python
SUMMARY :os.execvpe() vulnerability
DATE :2002-10-03 14:45 UTC
- - --------------------------------------------------------------------
OVERVIEW
By exploiting this vulnerability a local attacker can execute
arbitrary code with the privileges of the user running python code
which uses the execvpe() method.
DETAIL
Zack Weinberg found a vulnerability in the way the exevpe() method
from the os.py module uses a temporary file name. A file which
supposedly should not exist is created in a unsafe way and the method
tries to execute it. The objective of such code is to discover what
error the operating system returns in a portable way.
SOLUTION
It is recommended that all Gentoo Linux users who are running
dev-lang/python-2.2.1-r4 and earlier update their systems
as follows:
emerge rsync
emerge python
emerge clean
- - --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- - --------------------------------------------------------------------
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
