English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 73247 CVE descriptions
and 39212 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.51533
Category:Conectiva Local Security Checks
Title:Conectiva Security Advisory CLA-2002:523
Summary:Conectiva Security Advisory CLA-2002:523
Description:
The remote host is missing updates announced in
advisory CLA-2002:523.

The util-linux package contains a large variety of system
utilities that are necessary for a Linux system to function.
Among many features, it includes the chfn utility, a suid root tool
used to change user account information.

Michal Zalewski found a race condition vulnerability[1] in the way
chfn locks files when changing /etc/passwd. In order to sucessfully
exploit this vulnerability, some administrator interaction is needed
and there are some prerequisites to fulfill. Full details can be
found in the Bindview advisory[2].

Having what appears to be a stale /etc/ptmptmp file could be a sign
that the vulnerability is being exploited. In that case, the
administrator should investigate current users and processes before
attemtping to remove this file.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2002-0638 to this issue[3].

Please note that the fixed packages were available in our ftp servers
since September 2nd, 2002.


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://www.kb.cert.org/vuls/id/405955
http://razor.bindview.com/publish/advisories/adv_chfn.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0638
http://distro.conectiva.com.br/bugzilla/show_bug.cgi?id=6401
http://www.securityspace.com/smysecure/catid.html?in=CLA-2002:523
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002002

Risk factor : High
Cross-Ref: BugTraq ID: 5344
Common Vulnerability Exposure (CVE) ID: CVE-2002-0638
http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html
Bugtraq: 20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=102795787713996&w=2
CERT/CC vulnerability note: VU#405955
http://www.kb.cert.org/vuls/id/405955
RedHat Security Advisories: RHSA-2002:132
http://rhn.redhat.com/errata/RHSA-2002-132.html
http://www.redhat.com/support/errata/RHSA-2002-137.html
Conectiva Linux advisory: CLA-2002:523
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523
Caldera Security Advisory: CSSA-2002-043.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php
Bugtraq: 20020730 TSLSA-2002-0064 - util-linux (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html
HPdes Security Advisory: HPSBTL0207-054
http://online.securityfocus.com/advisories/4320
http://www.iss.net/security_center/static/9709.php
http://www.securityfocus.com/bid/5344
http://www.osvdb.org/5164
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 39212 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.