CVE ID:	CVE-2010-2059
Description:	lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file.
Test IDs:	1.3.6.1.4.1.25623.1.0.67908   1.3.6.1.4.1.25623.1.0.122323   1.3.6.1.4.1.25623.1.0.67683   1.3.6.1.4.1.25623.1.0.880603   1.3.6.1.4.1.25623.1.0.67694   1.3.6.1.4.1.25623.1.0.68110
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2059 20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. http://www.securityfocus.com/archive/1/516909/100/0/threaded 40028 http://secunia.com/advisories/40028 65143 http://www.osvdb.org/65143 ADV-2011-0606 http://www.vupen.com/english/advisories/2011/0606 MDVSA-2010:180 http://www.mandriva.com/security/advisories?name=MDVSA-2010:180 RHSA-2010:0679 http://www.redhat.com/support/errata/RHSA-2010-0679.html SUSE-SR:2010:014 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html SUSE-SR:2010:017 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html [oss-security] 20100602 CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) http://www.openwall.com/lists/oss-security/2010/06/02/2 [oss-security] 20100602 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) http://www.openwall.com/lists/oss-security/2010/06/02/3 [oss-security] 20100603 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) http://marc.info/?l=oss-security&m=127559059928131&w=2 [oss-security] 20100603 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) http://www.openwall.com/lists/oss-security/2010/06/03/5 [oss-security] 20100604 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) http://www.openwall.com/lists/oss-security/2010/06/04/1 [security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm http://lists.vmware.com/pipermail/security-announce/2011/000126.html http://distrib-coffee.ipsl.jussieu.fr/pub/mirrors/rpm/files/rpm/rpm-4.4/rpm-4.4.3.tar.gz http://distrib-coffee.ipsl.jussieu.fr/pub/mirrors/rpm/files/rpm/rpm-4.4/rpm-4.4.3.tar.gz http://rpm.org/gitweb?p=rpm.git%3Ba=commit%3Bh=ca2d6b2b484f1501eafdde02e1688409340d2383 http://rpm.org/gitweb?p=rpm.git%3Ba=commit%3Bh=ca2d6b2b484f1501eafdde02e1688409340d2383 http://www.vmware.com/security/advisories/VMSA-2011-0004.html http://www.vmware.com/security/advisories/VMSA-2011-0004.html https://bugzilla.redhat.com/show_bug.cgi?id=125517 https://bugzilla.redhat.com/show_bug.cgi?id=125517 https://bugzilla.redhat.com/show_bug.cgi?id=598775 https://bugzilla.redhat.com/show_bug.cgi?id=598775