 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.51241 |
| Category: | Red Hat Local Security Checks |
| Title: | RedHat Security Advisory RHSA-2002:137 |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing updates announced in advisory RHSA-2002:137. The util-linux package shipped with Red Hat Linux Advanced Server contains a locally exploitable vulnerability. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. The 'chfn' utility included in this package allows users to modify personal information stored in the system-wide password file, /etc/passwd. In order to modify this file, this application is installed setuid root. Under certain conditions, a carefully crafted attack sequence can be performed to exploit a complex file locking and modification race present in this utility allowing changes to be made to /etc/passwd. In order to successfully exploit the vulnerability and perform privilege escalation there is a need for a minimal administrator interaction. Additionally, the password file must be over 4 kilobytes, and the local attackers entry must not be in the last 4 kilobytes of the password file. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2002-0638 to this issue. An interim workaround is to remove setuid flags from /usr/bin/chfn and /usr/bin/chsh. All users of Red Hat Linux should update to the errata util-linux packages which contain a patch to correct this vulnerability. Many thanks to Michal Zalewski of Bindview for alerting us to this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2002-137.html http://www.kb.cert.org/vuls/id/405955 http://razor.bindview.com/publish/advisories/adv_chfn.html Risk factor : High CVSS Score: 6.2 |
| Cross-Ref: |
BugTraq ID: 5344 Common Vulnerability Exposure (CVE) ID: CVE-2002-0638 http://www.securityfocus.com/bid/5344 Bugtraq: 20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability (Google Search) http://marc.info/?l=bugtraq&m=102795787713996&w=2 Bugtraq: 20020730 TSLSA-2002-0064 - util-linux (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html Caldera Security Advisory: CSSA-2002-043.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt CERT/CC vulnerability note: VU#405955 http://www.kb.cert.org/vuls/id/405955 Conectiva Linux advisory: CLA-2002:523 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523 HPdes Security Advisory: HPSBTL0207-054 http://online.securityfocus.com/advisories/4320 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php http://www.osvdb.org/5164 RedHat Security Advisories: RHSA-2002:132 http://rhn.redhat.com/errata/RHSA-2002-132.html http://www.redhat.com/support/errata/RHSA-2002-137.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html http://www.iss.net/security_center/static/9709.php |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |