Bug 17178

Summary:	one more security problem with mgetty
Product:	[Retired] Red Hat Linux	Reporter:	mal
Component:	mgetty	Assignee:	Nalin Dahyabhai <nalin>
Status:	CLOSED ERRATA	QA Contact:
Severity:	medium	Docs Contact:
Priority:	medium
Version:	7.0
Target Milestone:	---
Target Release:	---
Hardware:	i386
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2000-09-07 19:49:43 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description mal 2000-09-01 15:04:08 UTC

Same problem exists in RedHat.

Date: Thu, 31 Aug 2000 23:12:54 -0600
From: Linux Mandrake Security Team <security>
To: Linux Mandrake Security Announcements
<security-announce>
Subject: [Security Announce] MDKSA-2000:042 - mgetty update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

                Linux-Mandrake Security Update Advisory
________________________________________________________________________

Package name:           mgetty
Date:                   August 31st, 2000
Advisory ID:            MDKSA-2000:042

Affected versions:      6.0, 6.1, 7.0, 7.1
________________________________________________________________________

Problem Description:

 There is a problem in the mgetty package, which contains a number of
 tools for sending and receiving faxes.  The faxrunq tool uses a
 marker file in the /tmp directory, which is world-writable,  in an 
 insecure fashion.  This problem, if exploited, allows malicious users
 to overwrite files on the system via a symlink attack which are owned
 by the user that is invoking faxrunq.  All versions of mgetty prior to 
 1.1.22 are  vulnerable.
________________________________________________________________________

Comment 1 Nalin Dahyabhai 2000-09-07 19:49:40 UTC

An errata is being prepped.