int(1181)

Boletines de Vulnerabilidades


Creación insegura de archivos temporales en OpenSSL

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Compromiso Root
Dificultad Avanzado
Requerimientos del atacante Acceso remoto con cuenta

Información sobre el sistema

Propiedad Valor
Fabricante afectado GNU/Linux
Software afectado OpenSSL < 0.9.7e

Descripción

Se ha descubierto una vulnerabilidad en el paquete OpenSSL que podría permitir a un atacante local obtener privilegios de otro usuario.

La vulnerabilidad tiene su origen en el script der_chop, que crea archivos temporales de forma insegura, siendo susceptible a un ataque basado en la creación de enlaces simbólicos hacia otros archivos.

Solución

Aplique los mecanismos de actualización propios de su sistema, o bien obtenga las fuentes del software y compílelo usted mismo.


Actualización de Software

OpenSSL
Página oficial
http://www.openssl.org

Debian Linux

Debian Linux 3.0
Source:
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7.dsc
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7.diff.gz
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c.orig.tar.gz
Componentes independiantes de la arquitectura:
http://security.debian.org/pool/updates/main/o/openssl/ssleay_0.9.6c-2.woody.7_all.deb
Alpha architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.7_alpha.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.7_alpha.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7_alpha.deb
ARM:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.7_arm.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.7_arm.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7_arm.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.7_i386.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.7_i386.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.7_ia64.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.7_ia64.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7_ia64.deb
HP Precision:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.7_hppa.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.7_hppa.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7_hppa.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.7_m68k.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.7_m68k.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7_m68k.deb
Big endian MIPS:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.7_mips.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.7_mips.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7_mips.deb
Little endian MIPS:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.7_mipsel.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.7_mipsel.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.7_powerpc.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.7_powerpc.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.7_s390.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.7_s390.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.7_sparc.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.7_sparc.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.7_sparc.deb

Mandrake Linux
Mandrake Linux 9.2
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libopenssl0.9.7-0.9.7b-5.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libopenssl0.9.7-devel-0.9.7b-5.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libopenssl0.9.7-static-devel-0.9.7b-5.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/openssl-0.9.7b-5.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/openssl-0.9.7b-5.1.92mdk.src.rpm
Mandrake Linux 9.2/AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64openssl0.9.7-0.9.7b-5.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64openssl0.9.7-devel-0.9.7b-5.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64openssl0.9.7-static-devel-0.9.7b-5.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/openssl-0.9.7b-5.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/openssl-0.9.7b-5.1.92mdk.src.rpm
Mandrake Linux 10.0
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libopenssl0.9.7-0.9.7c-3.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libopenssl0.9.7-devel-0.9.7c-3.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libopenssl0.9.7-static-devel-0.9.7c-3.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/openssl-0.9.7c-3.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/openssl-0.9.7c-3.1.100mdk.src.rpm
Mandrake Linux 10.0/AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64openssl0.9.7-0.9.7c-3.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64openssl0.9.7-devel-0.9.7c-3.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64openssl0.9.7-static-devel-0.9.7c-3.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/openssl-0.9.7c-3.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/openssl-0.9.7c-3.1.100mdk.src.rpm
Mandrake Linux 10.1
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libopenssl0.9.7-0.9.7d-1.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libopenssl0.9.7-devel-0.9.7d-1.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libopenssl0.9.7-static-devel-0.9.7d-1.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/openssl-0.9.7d-1.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/openssl-0.9.7d-1.1.101mdk.src.rpm
Mandrake Linux 10.1/X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64openssl0.9.7-0.9.7d-1.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64openssl0.9.7-devel-0.9.7d-1.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64openssl0.9.7-static-devel-0.9.7d-1.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/openssl-0.9.7d-1.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/openssl-0.9.7d-1.1.101mdk.src.rpm
Multi Network Firewall 8.2
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/libopenssl0-0.9.6i-1.7.M82mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/openssl-0.9.6i-1.7.M82mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/SRPMS/openssl-0.9.6i-1.7.M82mdk.src.rpm
Corporate Server 2.1
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/libopenssl0-0.9.6i-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/libopenssl0-devel-0.9.6i-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/libopenssl0-static-devel-0.9.6i-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/openssl-0.9.6i-1.8.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/openssl-0.9.6i-1.8.C21mdk.src.rpm
Corporate Server 2.1/X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/libopenssl0-0.9.6i-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/libopenssl0-devel-0.9.6i-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/libopenssl0-static-devel-0.9.6i-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/openssl-0.9.6i-1.8.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/openssl-0.9.6i-1.8.C21mdk.src.rpm

Red Hat Linux
Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Linux Advanced Workstation 2.1 Itanium Processor
https://rhn.redhat.com/

Identificadores estándar

Propiedad Valor
CVE CAN-2004-0975
BID 11293

Recursos adicionales

Trustix Secure Linux Bugfix Advisory #2004-0050
http://www.trustix.net/errata/2004/0050/

Debian Security Advisory (DSA 603-1)
http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00212.html

Mandrake Linux security advisory (MDKSA-2004:147)
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:147

Red Hat Security Advisory RHSA-2005:476-08
https://rhn.redhat.com/errata/RHSA-2005-476.html

Histórico de versiones

Versión Comentario Fecha
1.0 Aviso emitido 2004-12-02
1.1 Aviso emitido por Mandrake Linux (MDKSA-2004:147) 2004-12-07
1.2 Aviso emitido por Red Hat (RHSA-2005:476-08) 2005-06-02

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT