Boletines de Vulnerabilidades

int(1809)

Boletines de Vulnerabilidades

Creación insegura de ficheros temporales en CVS
Clasificación de la vulnerabilidad
Propiedad	Valor
Nivel de Confianza	Oficial
Impacto	Integridad
Dificultad	Avanzado
Requerimientos del atacante	Acceso remoto con cuenta
Información sobre el sistema
Propiedad	Valor
Fabricante afectado	GNU/Linux
Software afectado	CVS <= 1.12.12 GCVS
Descripción
Se ha descubierto una vulnerabilidad en el programa cvsbug, que forma parte de CVS. La vulnerabilidad reside en la creación insegura de archivos temporales. La explotación de esta vulnerabilidad podría permitir a un atacante local sobrescribir archivos arbitrarios del sistema mediante un ataque de enlace simbólico.
Solución
Actualización de software Red Hat Red Hat Desktop (v. 3) / SRPMS cvs-1.11.2-28.src.rpm Red Hat Desktop (v. 3) / IA-32 cvs-1.11.2-28.i386.rpm Red Hat Desktop (v. 3) / x86_64 cvs-1.11.2-28.x86_64.rpm Red Hat Desktop (v. 4) / SRPMS cvs-1.11.17-8.RHEL4.src.rpm Red Hat Desktop (v. 4) / IA-32 cvs-1.11.17-8.RHEL4.i386.rpm Red Hat Desktop (v. 4) / x86_64 cvs-1.11.17-8.RHEL4.x86_64.rpm Red Hat Enterprise Linux AS (v. 2.1) / SRPMS cvs-1.11.1p1-19.src.rpm Red Hat Enterprise Linux AS (v. 2.1) / IA-32 cvs-1.11.1p1-19.i386.rpm Red Hat Enterprise Linux AS (v. 2.1) / IA-64 cvs-1.11.1p1-19.ia64.rpm Red Hat Enterprise Linux AS (v. 3) / SRPMS cvs-1.11.2-28.src.rpm Red Hat Enterprise Linux AS (v. 3) / IA-32 cvs-1.11.2-28.i386.rpm Red Hat Enterprise Linux AS (v. 3) / IA-64 cvs-1.11.2-28.ia64.rpm Red Hat Enterprise Linux AS (v. 3) / PPC cvs-1.11.2-28.ppc.rpm Red Hat Enterprise Linux AS (v. 3) / s390 cvs-1.11.2-28.s390.rpm Red Hat Enterprise Linux AS (v. 3) / s390x cvs-1.11.2-28.s390x.rpm Red Hat Enterprise Linux AS (v. 3) / x86_64 cvs-1.11.2-28.x86_64.rpm Red Hat Enterprise Linux AS (v. 4) / SRPMS cvs-1.11.17-8.RHEL4.src.rpm Red Hat Enterprise Linux AS (v. 4) / IA-32 cvs-1.11.17-8.RHEL4.i386.rpm Red Hat Enterprise Linux AS (v. 4) / IA-64 cvs-1.11.17-8.RHEL4.ia64.rpm Red Hat Enterprise Linux AS (v. 4) / PPC cvs-1.11.17-8.RHEL4.ppc.rpm Red Hat Enterprise Linux AS (v. 4) / s390 cvs-1.11.17-8.RHEL4.s390.rpm Red Hat Enterprise Linux AS (v. 4) / s390x cvs-1.11.17-8.RHEL4.s390x.rpm Red Hat Enterprise Linux AS (v. 4) / x86_64 cvs-1.11.17-8.RHEL4.x86_64.rpm Red Hat Enterprise Linux ES (v. 2.1) / SRPMS cvs-1.11.1p1-19.src.rpm Red Hat Enterprise Linux ES (v. 2.1) / IA-32 cvs-1.11.1p1-19.i386.rpm Red Hat Enterprise Linux ES (v. 3) / SRPMS cvs-1.11.2-28.src.rpm Red Hat Enterprise Linux ES (v. 3) / IA-32 cvs-1.11.2-28.i386.rpm Red Hat Enterprise Linux ES (v. 3) / IA-64 cvs-1.11.2-28.ia64.rpm Red Hat Enterprise Linux ES (v. 3) / x86_64 cvs-1.11.2-28.x86_64.rpm Red Hat Enterprise Linux ES (v. 4) / SRPMS cvs-1.11.17-8.RHEL4.src.rpm Red Hat Enterprise Linux ES (v. 4) / IA-32 cvs-1.11.17-8.RHEL4.i386.rpm Red Hat Enterprise Linux ES (v. 4) / IA-64 cvs-1.11.17-8.RHEL4.ia64.rpm Red Hat Enterprise Linux ES (v. 4) / x86_64 cvs-1.11.17-8.RHEL4.x86_64.rpm Red Hat Enterprise Linux WS (v. 2.1) / SRPMS cvs-1.11.1p1-19.src.rpm Red Hat Enterprise Linux WS (v. 2.1) / IA-32 cvs-1.11.1p1-19.i386.rpm Red Hat Enterprise Linux WS (v. 3) / SRPMS cvs-1.11.2-28.src.rpm Red Hat Enterprise Linux WS (v. 3) / IA-32 cvs-1.11.2-28.i386.rpm Red Hat Enterprise Linux WS (v. 3) / IA-64 cvs-1.11.2-28.ia64.rpm Red Hat Enterprise Linux WS (v. 3) / x86_64 cvs-1.11.2-28.x86_64.rpm Red Hat Enterprise Linux WS (v. 4) / SRPMS cvs-1.11.17-8.RHEL4.src.rpm Red Hat Enterprise Linux WS (v. 4) / IA-32 cvs-1.11.17-8.RHEL4.i386.rpm Red Hat Enterprise Linux WS (v. 4) / IA-64 cvs-1.11.17-8.RHEL4.ia64.rpm Red Hat Enterprise Linux WS (v. 4) / x86_64 cvs-1.11.17-8.RHEL4.x86_64.rpm Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor / SRPMS cvs-1.11.1p1-19.src.rpm Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor / IA-64 cvs-1.11.1p1-19.ia64.rpm Debian Debian Linux 3.0 Source http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13.dsc http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13.diff.gz http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian.orig.tar.gz Alpha http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_alpha.deb ARM http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_ia64.deb HP Precision http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_hppa.deb Motorola 680x0 http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_m68k.deb Big endian MIPS http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_mips.deb Little endian MIPS http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-13_sparc.deb Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1.dsc http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1.diff.gz http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final.orig.tar.gz Alpha http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_alpha.deb AMD64 http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_amd64.deb ARM http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_ia64.deb HP Precision http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_hppa.deb Motorola 680x0 http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_m68k.deb Big endian MIPS http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_mips.deb Little endian MIPS http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/g/gcvs/gcvs_1.0final-5sarge1_sparc.deb FreeBSD FreeBSD 4.10 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:20/cvsbug410.patch FreeBSD 4.11 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:20/cvsbug.patch FreeBSD 5.3 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:20/cvsbug53.patch FreeBSD 5.4 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:20/cvsbug.patch SGI SGI ProPack 3 Service Pack 6 Parche 10212 http://support.sgi.com/ NetBSD NetBSD 1.6, 1.6.1, 1.6.2, 2.0, 2.0.2 Instalar Parches o actualizar a NetBSD 2.1 o 2.0.3 http://www.netbsd.org
Identificadores estándar
Propiedad	Valor
CVE	CAN-2005-2693
BID
Recursos adicionales
Red Hat Security Advisory (RHSA-2005:756-3) https://rhn.redhat.com/errata/RHSA-2005-756.html Debian Security Advisory (DSA 802-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00192.html Debian Security Advisory (DSA 806-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00196.html FreeBSD Security Announcement (FreeBSD-SA-05:20) ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:20.cvsbug.asc SGI Security advisory (20050901-01-U) ftp://patches.sgi.com/support/free/security/advisories/20050901-01-U.asc NetBSD Security Advisory (2005-006) ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-006.txt.asc

Histórico de versiones
Versión	Comentario	Fecha
1.0	Aviso emitido	2005-09-08
1.1	Aviso emitido por Debian (DSA 806-1)	2005-09-14
1.2	Aviso emitido por FreeBSD (FreeBSD-SA-05:20). Aviso emitido por SGI (20050901-01-U)	2005-09-16
1.3	Aviso emitido por NetBSD (2005-006)	2005-11-08