Vulnerability Bulletins

int(1809)

Vulnerability Bulletins

Creación insegura de ficheros temporales en CVS
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Integridad
Dificulty	Avanzado
Required attacker level	Acceso remoto con cuenta
System information
Property	Value
Affected manufacturer	GNU/Linux
Affected software	CVS <= 1.12.12 GCVS
Description
Se ha descubierto una vulnerabilidad en el programa cvsbug, que forma parte de CVS. La vulnerabilidad reside en la creación insegura de archivos temporales. La explotación de esta vulnerabilidad podría permitir a un atacante local sobrescribir archivos arbitrarios del sistema mediante un ataque de enlace simbólico.
Solution
Actualización de software Red Hat Red Hat Desktop (v. 3) / SRPMS cvs-1.11.2-28.src.rpm Red Hat Desktop (v. 3) / IA-32 cvs-1.11.2-28.i386.rpm Red Hat Desktop (v. 3) / x86_64 cvs-1.11.2-28.x86_64.rpm Red Hat Desktop (v. 4) / SRPMS cvs-1.11.17-8.RHEL4.src.rpm Red Hat Desktop (v. 4) / IA-32 cvs-1.11.17-8.RHEL4.i386.rpm Red Hat Desktop (v. 4) / x86_64 cvs-1.11.17-8.RHEL4.x86_64.rpm Red Hat Enterprise Linux AS (v. 2.1) / SRPMS cvs-1.11.1p1-19.src.rpm Red Hat Enterprise Linux AS (v. 2.1) / IA-32 cvs-1.11.1p1-19.i386.rpm Red Hat Enterprise Linux AS (v. 2.1) / IA-64 cvs-1.11.1p1-19.ia64.rpm Red Hat Enterprise Linux AS (v. 3) / SRPMS cvs-1.11.2-28.src.rpm Red Hat Enterprise Linux AS (v. 3) / IA-32 cvs-1.11.2-28.i386.rpm Red Hat Enterprise Linux AS (v. 3) / IA-64 cvs-1.11.2-28.ia64.rpm Red Hat Enterprise Linux AS (v. 3) / PPC cvs-1.11.2-28.ppc.rpm Red Hat Enterprise Linux AS (v. 3) / s390 cvs-1.11.2-28.s390.rpm Red Hat Enterprise Linux AS (v. 3) / s390x cvs-1.11.2-28.s390x.rpm Red Hat Enterprise Linux AS (v. 3) / x86_64 cvs-1.11.2-28.x86_64.rpm Red Hat Enterprise Linux AS (v. 4) / SRPMS cvs-1.11.17-8.RHEL4.src.rpm Red Hat Enterprise Linux AS (v. 4) / IA-32 cvs-1.11.17-8.RHEL4.i386.rpm Red Hat Enterprise Linux AS (v. 4) / IA-64 cvs-1.11.17-8.RHEL4.ia64.rpm Red Hat Enterprise Linux AS (v. 4) / PPC cvs-1.11.17-8.RHEL4.ppc.rpm Red Hat Enterprise Linux AS (v. 4) / s390 cvs-1.11.17-8.RHEL4.s390.rpm Red Hat Enterprise Linux AS (v. 4) / s390x cvs-1.11.17-8.RHEL4.s390x.rpm Red Hat Enterprise Linux AS (v. 4) / x86_64 cvs-1.11.17-8.RHEL4.x86_64.rpm Red Hat Enterprise Linux ES (v. 2.1) / SRPMS cvs-1.11.1p1-19.src.rpm Red Hat Enterprise Linux ES (v. 2.1) / IA-32 cvs-1.11.1p1-19.i386.rpm Red Hat Enterprise Linux ES (v. 3) / SRPMS cvs-1.11.2-28.src.rpm Red Hat Enterprise Linux ES (v. 3) / IA-32 cvs-1.11.2-28.i386.rpm Red Hat Enterprise Linux ES (v. 3) / IA-64 cvs-1.11.2-28.ia64.rpm Red Hat Enterprise Linux ES (v. 3) / x86_64 cvs-1.11.2-28.x86_64.rpm Red Hat Enterprise Linux ES (v. 4) / SRPMS cvs-1.11.17-8.RHEL4.src.rpm Red Hat Enterprise Linux ES (v. 4) / IA-32 cvs-1.11.17-8.RHEL4.i386.rpm Red Hat Enterprise Linux ES (v. 4) / IA-64 cvs-1.11.17-8.RHEL4.ia64.rpm Red Hat Enterprise Linux ES (v. 4) / x86_64 cvs-1.11.17-8.RHEL4.x86_64.rpm Red Hat Enterprise Linux WS (v. 2.1) / SRPMS cvs-1.11.1p1-19.src.rpm Red Hat Enterprise Linux WS (v. 2.1) / IA-32 cvs-1.11.1p1-19.i386.rpm Red Hat Enterprise Linux WS (v. 3) / SRPMS cvs-1.11.2-28.src.rpm Red Hat Enterprise Linux WS (v. 3) / IA-32 cvs-1.11.2-28.i386.rpm Red Hat Enterprise Linux WS (v. 3) / IA-64 cvs-1.11.2-28.ia64.rpm Red Hat Enterprise Linux WS (v. 3) / x86_64 cvs-1.11.2-28.x86_64.rpm Red Hat Enterprise Linux WS (v. 4) / SRPMS cvs-1.11.17-8.RHEL4.src.rpm Red Hat Enterprise Linux WS (v. 4) / IA-32 cvs-1.11.17-8.RHEL4.i386.rpm Red Hat Enterprise Linux WS (v. 4) / IA-64 cvs-1.11.17-8.RHEL4.ia64.rpm Red Hat Enterprise Linux WS (v. 4) / x86_64 cvs-1.11.17-8.RHEL4.x86_64.rpm Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor / SRPMS cvs-1.11.1p1-19.src.rpm Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor / IA-64 cvs-1.11.1p1-19.ia64.rpm Debian Debian Linux 3.0 Source http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13.dsc http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13.diff.gz http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian.orig.tar.gz Alpha http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_alpha.deb ARM http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_ia64.deb HP Precision http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_hppa.deb Motorola 680x0 http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_m68k.deb Big endian MIPS http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_mips.deb Little endian MIPS http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_sparc.deb Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1.dsc http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1.diff.gz http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final.orig.tar.gz Alpha http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_alpha.deb AMD64 http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_amd64.deb ARM http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_ia64.deb HP Precision http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_hppa.deb Motorola 680x0 http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_m68k.deb Big endian MIPS http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_mips.deb Little endian MIPS http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_sparc.deb FreeBSD FreeBSD 4.10 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:20/cvsbug410.patch FreeBSD 4.11 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:20/cvsbug.patch FreeBSD 5.3 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:20/cvsbug53.patch FreeBSD 5.4 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:20/cvsbug.patch SGI SGI ProPack 3 Service Pack 6 Parche 10212 http://support.sgi.com/ NetBSD NetBSD 1.6, 1.6.1, 1.6.2, 2.0, 2.0.2 Instalar Parches o actualizar a NetBSD 2.1 o 2.0.3 http://www.netbsd.org
Standar resources
Property	Value
CVE	CAN-2005-2693
BID
Other resources
Red Hat Security Advisory (RHSA-2005:756-3) https://rhn.redhat.com/errata/RHSA-2005-756.html Debian Security Advisory (DSA 802-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00192.html Debian Security Advisory (DSA 806-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00196.html FreeBSD Security Announcement (FreeBSD-SA-05:20) ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:20.cvsbug.asc SGI Security advisory (20050901-01-U) ftp://patches.sgi.com/support/free/security/advisories/20050901-01-U.asc NetBSD Security Advisory (2005-006) ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-006.txt.asc

Version history
Version	Comments	Date
1.0	Aviso emitido	2005-09-08
1.1	Aviso emitido por Debian (DSA 806-1)	2005-09-14
1.2	Aviso emitido por FreeBSD (FreeBSD-SA-05:20). Aviso emitido por SGI (20050901-01-U)	2005-09-16
1.3	Aviso emitido por NetBSD (2005-006)	2005-11-08

Vulnerability Bulletins

Creación insegura de ficheros temporales en CVS

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history