Bug 17178

Summary: one more security problem with mgetty
Product: [Retired] Red Hat Linux Reporter: mal
Component: mgettyAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 7.0   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-09-07 19:49:43 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description mal 2000-09-01 15:04:08 UTC
Same problem exists in RedHat.

Date: Thu, 31 Aug 2000 23:12:54 -0600
From: Linux Mandrake Security Team <security@linux-mandrake.com>
To: Linux Mandrake Security Announcements
Subject: [Security Announce] MDKSA-2000:042 - mgetty update

Hash: SHA1


                Linux-Mandrake Security Update Advisory

Package name:           mgetty
Date:                   August 31st, 2000
Advisory ID:            MDKSA-2000:042

Affected versions:      6.0, 6.1, 7.0, 7.1

Problem Description:

 There is a problem in the mgetty package, which contains a number of
 tools for sending and receiving faxes.  The faxrunq tool uses a
 marker file in the /tmp directory, which is world-writable,  in an 
 insecure fashion.  This problem, if exploited, allows malicious users
 to overwrite files on the system via a symlink attack which are owned
 by the user that is invoking faxrunq.  All versions of mgetty prior to 
 1.1.22 are  vulnerable.

Comment 1 Nalin Dahyabhai 2000-09-07 19:49:40 UTC
An errata is being prepped.