Bug 146737

Summary: CAN-2005-0155 multiple setuid perl issues (CAN-2005-0156)

Field | Value
---|---
Product | Red Hat Enterprise Linux 3
Component | perl
Version | 3.0
Hardware | All
OS | Linux
Status | CLOSED ERRATA
Severity | high
Priority | medium
Reporter | Josh Bressers <bressers>
Assignee | Chip Turner <cturner>
QA Contact | David Lawrence <dkl>
CC | lockhart, mattdm, security-response-team
Keywords | Security
Whiteboard | impact=important,embargo=yes
Target Milestone | ---
Target Release | ---
Doc Type | Bug Fix
Story Points | ---
Type | ---
Regression | ---
Mount Type | ---
Documentation | ---
Category | ---
oVirt Team | ---
Cloudforms Team | ---
Last Closed | 2005-02-07 16:42:40 UTC
Attachments | 110480 (Text sent to vendor-sec), 110481 (Proposed patch)
The following issues were reported regarding running setuid perl executables (I'm attaching the report as a text file as it is long): a buffer overflow caused by very long paths and a PERLIO_DEBUG file overwrite bug. This issue should also affect RHEL2.1

Created attachment 110480 [details]
Text sent to vendor-sec

Created attachment 110481 [details]
Proposed patch

This patch needs peer review.

CAN-2005-0155 for the privilege escalation in debug mode
CAN-2005-0156 for the buffer overflow

patch applied and built into dist-3.0E-errata-candidate

Removing embargo, public via ubuntu

This issue does not affect RHEL2.1

An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-105.html
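The two problem classes named in this bug, a debug-log path taken from the environment and honoured by a setuid binary (the PERLIO_DEBUG overwrite, CAN-2005-0155) and an unbounded copy of a long path into a fixed buffer (CAN-2005-0156), as an added example in C. This is not the perl source, the attached patch or the RHSA-2005-105 fix, and it makes no claim about where in perl the bugs lived; the function names, the 256-byte buffer and the use of PERLIO_DEBUG as the variable name are assumptions for illustration. It shows the check a setuid program needs before it trusts an environment-supplied path, a symlink-resistant open for the log, and a bounded path copy that refuses oversized input instead of overflowing.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* A setuid/setgid binary runs with an effective id the invoking user does
 * not own. The ids are parameters so the decision can be exercised directly. */
int running_privileged(uid_t uid, uid_t euid, gid_t gid, gid_t egid)
{
    return uid != euid || gid != egid;
}

/* Decide whether a debug-log path taken from the environment (PERLIO_DEBUG
 * in the bug above) may be honoured. The invoking user controls the
 * environment, so when privileges are raised the path must be ignored:
 * otherwise any file the effective uid can write becomes an overwrite target.
 * Returns the path when it is safe to use, NULL otherwise. */
const char *debug_log_path(const char *env_value,
                           uid_t uid, uid_t euid, gid_t gid, gid_t egid)
{
    if (env_value == NULL || env_value[0] == '\0')
        return NULL;
    if (running_privileged(uid, euid, gid, egid))
        return NULL;
    return env_value;
}

/* Open the log in append mode; O_NOFOLLOW refuses a symlink as the final
 * component so a planted link cannot redirect the write, and append mode
 * avoids truncating an existing file. */
int open_debug_log(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_APPEND | O_NOFOLLOW | O_NOCTTY, 0600);
}

/* Copy a caller-supplied path into a fixed buffer. A plain strcpy() here is
 * the shape of the long-path overflow; this version rejects input that does
 * not fit (terminator included) instead of writing past the end.
 * Returns 0 on success, -1 (errno = ENAMETOOLONG) on oversized input. */
int copy_script_path(char *dst, size_t dstsz, const char *src)
{
    size_t n = strlen(src);
    if (dstsz == 0)
        return -1;
    if (n >= dstsz) {
        dst[0] = '\0';
        errno = ENAMETOOLONG;
        return -1;
    }
    memcpy(dst, src, n + 1);
    return 0;
}

int main(int argc, char **argv)
{
    char script[256];   /* assumed size, for illustration only */
    char line[300];
    const char *log;

    if (argc < 2) {
        fprintf(stderr, "usage: %s <script-path>\n", argv[0]);
        return 2;
    }
    if (copy_script_path(script, sizeof script, argv[1]) != 0) {
        perror("script path");
        return 1;
    }
    log = debug_log_path(getenv("PERLIO_DEBUG"),
                         getuid(), geteuid(), getgid(), getegid());
    if (log != NULL) {
        int fd = open_debug_log(log);
        if (fd >= 0) {
            int len = snprintf(line, sizeof line, "running %s\n", script);
            if (len > 0)
                write(fd, line, (size_t)len);
            close(fd);
        }
    } else {
        printf("debug log disabled (no path set, or running with raised privileges)\n");
    }
    printf("script: %s\n", script);
    return 0;
}
```

Compile it, make the binary setuid to another user, and run it with PERLIO_DEBUG pointing at a file the invoking user cannot write: the log is skipped, whereas a build that honoured the variable unconditionally would create or append to that file with the elevated uid. The real-uid check is the one that matters; O_NOFOLLOW only narrows the symlink case once the path is already allowed.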