int(860)

Vulnerability Bulletins


Vulnerabilidad de enlace simbólico en el paquete ksymoops de Mandrake

Vulnerability classification

Property Value
Confidence level Oficial
Impact Ocultacion del rastro
Dificulty Experto
Required attacker level Acceso remoto con cuenta

System information

Property Value
Affected manufacturer GNU/Linux
Affected software ksymoops

Description

Se ha descubierto una vulnerabilidad de enlace simbólico en el script ksymooops-gznm distribuido con Mandrakelinux. La vulnerabilidad reside en que el script no hace las comprobaciones adecuadas antes de copiar un archivo al directorio /tmp.

La explotación de esta vulnerabilidad podría permitir a un atacante local sobrescribir archivos del sistema.

Solution



Actualización de software

Mandrake Linux

Mandrakelinux 9.1
i386
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/RPMS/ksymoops-2.4.8-1.1.91mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.1/SRPMS/ksymoops-2.4.8-1.1.91mdk.src.rpm
PPC
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/RPMS/ksymoops-2.4.8-1.1.91mdk.ppc.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/ppc/9.1/SRPMS/ksymoops-2.4.8-1.1.91mdk.src.rpm

Mandrakelinux 9.2
i386
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/ksymoops-2.4.9-2.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/ksymoops-2.4.9-2.1.92mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/ksymoops-2.4.9-2.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/ksymoops-2.4.9-2.1.92mdk.src.rpm

Mandrakelinux 10.0
i386
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ksymoops-2.4.9-2.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/ksymoops-2.4.9-2.1.100mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ksymoops-2.4.9-2.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/ksymoops-2.4.9-2.1.100mdk.src.rpm

Mandrake Corporate Server 2.1
i386
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/ksymoops-2.4.5-1.1.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/ksymoops-2.4.5-1.1.C21mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/ksymoops-2.4.5-1.1.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/ksymoops-2.4.5-1.1.C21mdk.src.rpm

Standar resources

Property Value
CVE CAN-2004-0581
BID

Other resources

Mandrakesoft Security Advisory MDKSA-2004:060
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:060

Version history

Version Comments Date
1.0 Aviso emitido 2004-06-11
1.1 CAN añadido 2004-06-28
Ministerio de Defensa
CNI
CCN
CCN-CERT