Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Security concerns in linuxconf shipped w/RedHat 5.1

From: alex () NET-CONNECT NET (Alex Mottram)
Date: Sat, 22 Aug 1998 20:35:42 -0500

There exists a security / DOS problem with linuxconf-1.11.r11-rh3/i386
as upgraded from RedHat's FTP site.  No other versions have been tested
by me.  Both the maintainer of linuxconf and RedHat Software were made
aware of this problem.

[root@machine SRPMS]# rpm -q linuxconf
linuxconf-1.11r11-rh3

The details of the problem are neither new nor exciting so a very brief
description follows:

linuxconf creates at least one file in /tmp during/at execution, and
will blindly follow a symlink from that file.  As linuxconf is an admin
tool, and can/should only be run as root, the possibilities of system
smashing are multiple.

A version of linuxconf that does not have this problem is available at:
ftp://ftp.solucorp.qc.ca/pub/linuxconf/devel/redhat-5.1/linuxconf-1.11r19-1.i386.rpm

Thanks to Jacques Gelinas (linuxconf maintainer)  for releasing a fixed
version quickly.
Previous By Date Next
Previous By Thread Next

Current thread: