Bug 17178 - one more security problem with mgetty
one more security problem with mgetty
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: mgetty (Show other bugs)
7.0
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-09-01 11:04 EDT by mal
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-09-07 15:49:43 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description mal 2000-09-01 11:04:08 EDT
Same problem exists in RedHat.

Date: Thu, 31 Aug 2000 23:12:54 -0600
From: Linux Mandrake Security Team <security@linux-mandrake.com>
To: Linux Mandrake Security Announcements
<security-announce@linux-mandrake.com>
Subject: [Security Announce] MDKSA-2000:042 - mgetty update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

                Linux-Mandrake Security Update Advisory
________________________________________________________________________

Package name:           mgetty
Date:                   August 31st, 2000
Advisory ID:            MDKSA-2000:042

Affected versions:      6.0, 6.1, 7.0, 7.1
________________________________________________________________________

Problem Description:

 There is a problem in the mgetty package, which contains a number of
 tools for sending and receiving faxes.  The faxrunq tool uses a
 marker file in the /tmp directory, which is world-writable,  in an 
 insecure fashion.  This problem, if exploited, allows malicious users
 to overwrite files on the system via a symlink attack which are owned
 by the user that is invoking faxrunq.  All versions of mgetty prior to 
 1.1.22 are  vulnerable.
________________________________________________________________________
Comment 1 Nalin Dahyabhai 2000-09-07 15:49:40 EDT
An errata is being prepped.

Note You need to log in before you can comment on or make changes to this bug.