int(765)

Boletines de Vulnerabilidades

Múltiples vulnerabilidades en utempter

Clasificación de la vulnerabilidad
Propiedad Valor
Nivel de Confianza Oficial
Impacto Ocultacion del rastro
Dificultad Avanzado
Requerimientos del atacante Acceso remoto con cuenta

Información sobre el sistema
Propiedad Valor
Fabricante afectado GNU/Linux
Software afectado utempter

Descripción
Se han descubierto dos errores de programación en el programa utempter que podrían suponer potenciales agujeros de seguridad:

1) Una vulnerabilidad de directorio transversal en la ruta al dispositivo. Una ruta especialmente diseñada (que haga uso de las secuencias /../, /./ o //) podría permitir a un atacante local sobreescribir archivos del sistema mediante ataques de enlace simbólico.

2) Varias llamadas a strncpy sin finalización posterior de las cadenas, lo que provoca, en el mejor de los casos, la interrupción de utempter.

Solución


Software update

Mandrake Linux

Mandrake Linux 9.1
i386
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.1/SRPMS/utempter-0.5.2-10.2.91mdk.src.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.1/RPMS/libutempter0-0.5.2-10.2.91mdk.i586.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.1/RPMS/libutempter0-devel-0.5.2-10.2.91mdk.i586.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.1/RPMS/utempter-0.5.2-10.2.91mdk.i586.rpm
PPC
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/ppc/9.1/SRPMS/utempter-0.5.2-10.2.91mdk.src.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/ppc/9.1/RPMS/libutempter0-0.5.2-10.2.91mdk.ppc.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/ppc/9.1/RPMS/libutempter0-devel-0.5.2-10.2.91mdk.ppc.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/ppc/9.1/RPMS/utempter-0.5.2-10.2.91mdk.ppc.rpm

Mandrake Linux 9.2
i386
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/SRPMS/utempter-0.5.2-12.2.92mdk.src.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/RPMS/libutempter0-0.5.2-12.2.92mdk.i586.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/RPMS/libutempter0-devel-0.5.2-12.2.92mdk.i586.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/RPMS/utempter-0.5.2-12.2.92mdk.i586.rpm
AMD64
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/amd64/9.2/SRPMS/utempter-0.5.2-12.2.92mdk.src.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/amd64/9.2/RPMS/lib64utempter0-0.5.2-12.2.92mdk.amd64.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/amd64/9.2/RPMS/lib64utempter0-devel-0.5.2-12.2.92mdk.amd64.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/amd64/9.2/RPMS/utempter-0.5.2-12.2.92mdk.amd64.rpm

Mandrake Multi Network Firewall 8.2
i386
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/mnf8.2/SRPMS/utempter-0.5.2-5.2.M82mdk.src.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/mnf8.2/RPMS/libutempter0-0.5.2-5.2.M82mdk.i586.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/mnf8.2/RPMS/libutempter0-devel-0.5.2-5.2.M82mdk.i586.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/mnf8.2/RPMS/utempter-0.5.2-5.2.M82mdk.i586.rpm

Mandrake Corporate Server 2.1
i386
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/corporate/2.1/SRPMS/utempter-0.5.2-11.2.C21mdk.src.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/corporate/2.1/RPMS/libutempter0-0.5.2-11.2.C21mdk.i586.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/corporate/2.1/RPMS/libutempter0-devel-0.5.2-11.2.C21mdk.i586.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/corporate/2.1/RPMS/utempter-0.5.2-11.2.C21mdk.i586.rpm
x86_64
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/x86_64/corporate/2.1/SRPMS/utempter-0.5.2-11.2.C21mdk.src.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/x86_64/corporate/2.1/RPMS/libutempter0-0.5.2-11.2.C21mdk.x86_64.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/x86_64/corporate/2.1/RPMS/libutempter0-devel-0.5.2-11.2.C21mdk.x86_64.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/x86_64/corporate/2.1/RPMS/utempter-0.5.2-11.2.C21mdk.x86_64.rpm

Mandrakelinux 10.0
i386
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/SRPMS/utempter-0.5.2-12.2.100mdk.src.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/libutempter0-0.5.2-12.2.100mdk.i586.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/libutempter0-devel-0.5.2-12.2.100mdk.i586.rpm
ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/utempter-0.5.2-12.2.100mdk.i586.rpm

RedHat Linux

RedHat Linux 9
SRPMS
ftp://updates.redhat.com/9/en/os/SRPMS/utempter-0.5.5-2.RHL9.0.src.rpm
i386
ftp://updates.redhat.com/9/en/os/i386/utempter-0.5.5-2.RHL9.0.i386.rpm

Red Hat Desktop (v. 3)
AMD64
utempter-0.5.5-1.3EL.0.x86_64.rpm
SRPMS
utempter-0.5.5-1.3EL.0.src.rpm
i386
utempter-0.5.5-1.3EL.0.i386.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux AS (v. 2.1)
SRPMS
utempter-0.5.5-1.2.1EL.0.src.rpm
i386
utempter-0.5.5-1.2.1EL.0.i386.rpm
ia64
utempter-0.5.5-1.2.1EL.0.ia64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux AS (v. 3)
AMD64
utempter-0.5.5-1.3EL.0.x86_64.rpm
SRPMS
utempter-0.5.5-1.3EL.0.src.rpm
i386
utempter-0.5.5-1.3EL.0.i386.rpm
ia64
utempter-0.5.5-1.3EL.0.ia64.rpm
ppc
utempter-0.5.5-1.3EL.0.ppc.rpm
s390
utempter-0.5.5-1.3EL.0.s390.rpm
s390x
utempter-0.5.5-1.3EL.0.s390x.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux ES (v. 2.1)
SRPMS
utempter-0.5.5-1.2.1EL.0.src.rpm
i386
utempter-0.5.5-1.2.1EL.0.i386.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux ES (v. 3)
AMD64
utempter-0.5.5-1.3EL.0.x86_64.rpm
SRPMS
utempter-0.5.5-1.3EL.0.src.rpm
i386
utempter-0.5.5-1.3EL.0.i386.rpm
ia64
utempter-0.5.5-1.3EL.0.ia64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux WS (v. 2.1)
SRPMS
utempter-0.5.5-1.2.1EL.0.src.rpm
i386
utempter-0.5.5-1.2.1EL.0.i386.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux WS (v. 3)
AMD64
utempter-0.5.5-1.3EL.0.x86_64.rpm
SRPMS
utempter-0.5.5-1.3EL.0.src.rpm
i386
utempter-0.5.5-1.3EL.0.i386.rpm
ia64
utempter-0.5.5-1.3EL.0.ia64.rpm
https://rhn.redhat.com/

Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
SRPMS
utempter-0.5.5-1.2.1EL.0.src.rpm
ia64
utempter-0.5.5-1.2.1EL.0.ia64.rpm
https://rhn.redhat.com/

Sun

Sun Java Desktop System (JDS) 2003 - Parche 8934
Linux
http://wwws.sun.com/software/javadesktopsystem/faq.html#5q5
http://wwws.sun.com/software/javadesktopsystem/faq.html#5q7

Sun Java Desktop System (JDS) Release 2 - Parche 8934
Linux
http://wwws.sun.com/software/javadesktopsystem/faq.html#5q5
http://wwws.sun.com/software/javadesktopsystem/faq.html#5q7

Identificadores estándar
Propiedad Valor
CVE CAN-2004-0233
BID

Recursos adicionales
MandrakeSoft Security Advisory MDKSA-2004:031
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:031

MandrakeSoft Security Advisory MDKSA-2004:031-1
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:031-1

RedHat Security Advisory RHSA-2004:175-05
https://rhn.redhat.com/errata/RHSA-2004-175.html

RedHat Security Advisory RHSA-2004:174-09
https://rhn.redhat.com/errata/RHSA-2004-174.html

Sun(sm) Alert Notification 57658
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57658-1

Histórico de versiones
Versión Comentario Fecha
1.0 Aviso emitido 2004-04-20
1.1 Aviso actualizado por Mandrake 2004-04-22
1.2 Aviso emitido por RedHat (RHSA-2004:175-05) 2004-05-03
1.3 Aviso emitido por Red Hat (RHSA-2004:174-09) 2004-05-26
1.4 Aviso emitido por Sun (57658) 2004-10-27

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT