Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2003:010 (printer-drivers)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50673

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2003:010 (printer-drivers)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to printer-drivers
announced via advisory MDKSA-2003:010.

Karol Wiesek and iDefense disovered three vulnerabilities in the
printer-drivers package and tools it installs. These vulnerabilities
allow a local attacker to empty or create any file on the filesystem.

The first vulnerability is in the mtink binary, which has a buffer
overflow in its handling of the HOME environment variable.

The second vulnerability is in the escputil binary, which has a buffer
overflow in the parsing of the --printer-name command line argument.
This is only possible when esputil is suid or sgid
in Mandrake Linux
9.0 it was sgid sys. Successful exploitation will provide the
attacker with the privilege of the group sys.

The third vulnerability is in the ml85p binary which contains a race
condition in the opening of a temporary file. By default this file is
installed suid root so it can be used to gain root privilege. The only
caveat is that this file is not executable by other, only by root or
group sys. Using either of the two previous vulnerabilities, an
attacker can exploit one of them to obtain sys privilege and then
use that to exploit this vulnerability to gain root privilege.

MandrakeSoft encourages all users to upgrade immediately.

Aside from the security vulnerabilities, a number of bugfixes are
included in this update, for Mandrake Linux 9.0 users. GIMP-Print
4.2.5pre1, HPIJS 1.3, pnm2ppa 1.12, mtink 0.9.53, and a new foomatic
snapshot are included. For a list of the many bugfixes, please refer
to the RPM changelog.

Affected versions: 8.0, 8.1, 8.2, 9.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:010
http://www.idefense.com/advisory/01.21.03a.txt

Risk factor : High

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50673
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2003:010 (printer-drivers)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to printer-drivers announced via advisory MDKSA-2003:010. Karol Wiesek and iDefense disovered three vulnerabilities in the printer-drivers package and tools it installs. These vulnerabilities allow a local attacker to empty or create any file on the filesystem. The first vulnerability is in the mtink binary, which has a buffer overflow in its handling of the HOME environment variable. The second vulnerability is in the escputil binary, which has a buffer overflow in the parsing of the --printer-name command line argument. This is only possible when esputil is suid or sgid in Mandrake Linux 9.0 it was sgid sys. Successful exploitation will provide the attacker with the privilege of the group sys. The third vulnerability is in the ml85p binary which contains a race condition in the opening of a temporary file. By default this file is installed suid root so it can be used to gain root privilege. The only caveat is that this file is not executable by other, only by root or group sys. Using either of the two previous vulnerabilities, an attacker can exploit one of them to obtain sys privilege and then use that to exploit this vulnerability to gain root privilege. MandrakeSoft encourages all users to upgrade immediately. Aside from the security vulnerabilities, a number of bugfixes are included in this update, for Mandrake Linux 9.0 users. GIMP-Print 4.2.5pre1, HPIJS 1.3, pnm2ppa 1.12, mtink 0.9.53, and a new foomatic snapshot are included. For a list of the many bugfixes, please refer to the RPM changelog. Affected versions: 8.0, 8.1, 8.2, 9.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:010 http://www.idefense.com/advisory/01.21.03a.txt Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com