Vulnerability Bulletins |
Vulnerability in SUSE Linux permissions |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Official |
Impact | Privilege escalation |
Difficulty | Advanced |
Required attacker level | Remote access with an account |
System information |
|
Property | Value |
Affected manufacturer | GNU/Linux |
Affected software | SUSE Linux / chkstat |
Description |
|
A vulnerability has been discovered in the SUSE Linux permissions system. To prevent hardlink attacks, the "chkstat" program does not change the permissions of files whose hardlink count is greater than 1. If a hardlink is created to a file that has to be deleted and recreated in order to be updated (e.g. '/etc/shadow'), then at the moment the hardlink count is 1, "chkstat" will allow the file's permissions to be changed. A local attacker could bypass certain security measures. |
|
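The link-count condition described above can be audited from the defender's side. The following Python sketch is an added example, not code from chkstat or the SUSE advisory; it assumes a hypothetical list of (path, expected mode) pairs and reports regular files that have more than one hard link, which are the files a link-count check would leave untouched. The sample files are constructed in a temporary directory.

```python
import os
import stat
import tempfile

def audit(entries):
    """Classify (path, expected_mode) pairs; the names here are hypothetical."""
    findings = []
    for path, expected in entries:
        try:
            st = os.lstat(path)              # lstat: never follow a symlink
        except FileNotFoundError:
            findings.append((path, "missing"))
            continue
        if not stat.S_ISREG(st.st_mode):     # directories normally have nlink > 1
            continue
        drift = stat.S_IMODE(st.st_mode) != expected
        if st.st_nlink > 1:
            # A tool that skips multiply linked files will not correct this one.
            findings.append((path, "linked-drift" if drift else "linked"))
        elif drift:
            findings.append((path, "drift"))
    return findings

def build_demo(root):
    """Create constructed sample files under root and return the audit list."""
    def make(name, mode):
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
        os.chmod(path, mode)                 # set explicitly, independent of umask
        return path
    ok = make("ok.conf", 0o640)
    linked = make("linked.conf", 0o666)
    os.link(linked, os.path.join(root, "second-name"))   # link count becomes 2
    loose = make("loose.conf", 0o644)
    gone = os.path.join(root, "gone.conf")
    return [(ok, 0o640), (linked, 0o640), (loose, 0o600), (gone, 0o600)]

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        for path, status in audit(build_demo(root)):
            print(f"{status:13} {path}")
```
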
Solution |
|
Software update

SUSE
SUSE LINUX 10.0 / x86
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/filesystem-10.0-4.2.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/permissions-2005.10.20-0.1.i586.rpm
SUSE LINUX 10.0 / Power PC
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/filesystem-10.0-4.2.ppc.rpm
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/permissions-2005.10.20-0.1.ppc.rpm
SUSE LINUX 10.0 / x86-64
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/filesystem-10.0-4.2.x86_64.rpm
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/permissions-2005.10.20-0.1.x86_64.rpm
SUSE LINUX 10.0 / Sources
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/filesystem-10.0-4.2.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/permissions-2005.10.20-0.1.src.rpm
SUSE LINUX 9.3 / x86
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/permissions-2005.10.20-0.1.i586.rpm
SUSE LINUX 9.3 / x86-64
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/permissions-2005.10.20-0.1.x86_64.rpm
SUSE LINUX 9.3 / Sources
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/permissions-2005.10.20-0.1.src.rpm
SUSE LINUX 9.2 / x86
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/permissions-2005.10.20-0.1.i586.rpm
SUSE LINUX 9.2 / x86-64
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/permissions-2005.10.20-0.1.x86_64.rpm
SUSE LINUX 9.2 / Sources
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/permissions-2005.10.20-0.1.src.rpm
SUSE LINUX 9.1 / x86
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/permissions-2005.10.20-0.2.i586.rpm
SUSE LINUX 9.1 / x86-64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/permissions-2005.10.20-0.2.x86_64.rpm
SUSE LINUX 9.1 / Sources
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/permissions-2005.10.20-0.2.src.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/permissions-2005.10.20-0.2.src.rpm
SuSE Linux 9.0 / x86
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/permissions-2005.10.20-3.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/xmcd-3.0.2-552.i586.rpm
SuSE Linux 9.0 / x86-64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/permissions-2005.10.20-3.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/xmcd-3.0.2-552.x86_64.rpm
SuSE Linux 9.0 / Sources
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/permissions-2005.10.20-3.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/xmcd-3.0.2-552.src.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/permissions-2005.10.20-3.src.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/xmcd-3.0.2-552.src.rpm |
|
Standard resources |
|
Property | Value |
CVE | |
BID | |
Other resources |
|
SUSE Security Advisory (SUSE-SA:2005:062) http://www.novell.com/linux/security/advisories/2005_62_permissions.html |
Version history |
||
Version | Comments | Date |
1.0 | Advisory issued | 2005-10-26 |