[17771] in bugtraq
[CLSA-2000:340] Conectiva Linux Security Announcement - modutils
daemon@ATHENA.MIT.EDU (secure@CONECTIVA.COM.BR)
Thu Nov 23 20:08:03 2000
Message-ID: <200011222046.SAA31456@frajuto.distro.conectiva>
Date: Wed, 22 Nov 2000 18:46:59 -0200
Reply-To: secure@CONECTIVA.COM.BR
From: secure@CONECTIVA.COM.BR
X-To: lwn@lwn.net, security-alert@linuxsecurity.com,
linuxlist@securityportal.com
To: BUGTRAQ@SECURITYFOCUS.COM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -----------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- -----------------------------------------------------------------------
PACKAGE : modutils
SUMMARY : Local root exploit in modutils
DATE : 2000-11-22 18:46:00
ID : CLSA-2000:340
RELEVANT
RELEASES : 5.1
- ----------------------------------------------------------------------
DESCRIPTION
The modutils package contains a utility called modprobe, which the
kernel normally invokes when loading modules on demand.
In versions later than 2.1.121, the modprobe utility could be
tricked into executing commands supplied as part of a module name. A
normal user cannot load kernel modules, but he/she can, by other means,
make the kernel at least try to load a module with a given name. If, as
a result, modprobe is called (with root privileges), the commands
embedded in the name will be executed as root, or could at least be
interpreted as options to the modprobe program.
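The weakness described above is a classic one: an untrusted string (here a module name handed over by the kernel) reaching a privileged helper through a shell command line or an unguarded argument vector. The following is an added illustration, not modutils source code, of how a privileged caller can validate such a name and build a separate-argument vector for execv() instead of a shell command. The character set, the MAX_MODULE_NAME limit and the use of "--" to end option parsing (which assumes getopt-style argument handling in modprobe) are assumptions made for the example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Illustrative hardened handling of a kernel-supplied module name before
 * it is passed to modprobe. Added example; not code from modutils.
 *
 * Vulnerable pattern (shown only as a comment): building a shell command
 * from the untrusted name, e.g.
 *     snprintf(cmd, sizeof cmd, "modprobe %s", name); system(cmd);
 * Shell metacharacters inside the name then run with the caller's (root)
 * privileges, and a name beginning with '-' is parsed as an option.
 */

#define MAX_MODULE_NAME 64   /* assumed limit for the example */

/* Returns 1 if NAME is non-empty, shorter than MAX_MODULE_NAME, consists
 * only of [A-Za-z0-9_.-] and does not start with '-', so it can neither be
 * interpreted by a shell nor parsed as an option; otherwise returns 0. */
int is_safe_module_name(const char *name)
{
    size_t len;

    if (name == NULL)
        return 0;
    len = strlen(name);
    if (len == 0 || len >= MAX_MODULE_NAME)
        return 0;
    if (name[0] == '-')
        return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (!(isalnum(c) || c == '_' || c == '.' || c == '-'))
            return 0;
    }
    return 1;
}

/* Fills ARGV with a NULL-terminated vector suitable for execv(), so the
 * name is passed as one argument and never sees a shell. "--" ends option
 * parsing, so even a permitted name is only ever treated as a module name.
 * Returns the argument count (excluding the terminating NULL), or -1 if the
 * name was rejected or ARGV is too small (it needs room for 4 pointers). */
int build_modprobe_argv(const char *name, const char **argv, size_t argv_len)
{
    if (argv_len < 4 || !is_safe_module_name(name))
        return -1;
    argv[0] = "/sbin/modprobe";
    argv[1] = "--";
    argv[2] = name;
    argv[3] = NULL;
    return 3;
}

int main(void)
{
    /* Constructed sample names: one legitimate, one carrying a shell
     * metacharacter, one that would be parsed as an option. */
    const char *samples[] = { "ppp_generic", "net;x", "-v" };
    const char *argv[4];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int n = build_modprobe_argv(samples[i], argv, 4);
        if (n < 0)
            printf("rejected: \"%s\"\n", samples[i]);
        else
            printf("accepted: %s %s %s\n", argv[0], argv[1], argv[2]);
    }
    return 0;
}
```

In a real privileged caller the accepted vector would be handed to execv() after dropping any environment the helper should not inherit; rejecting the name up front is what keeps the "commands as module name" case from ever reaching modprobe.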
SOLUTION
All Conectiva Linux 5.1 users should upgrade immediately. Prior
releases use modutils 2.1.121 (or earlier), which does not contain this
vulnerability.
ACKNOWLEDGEMENTS:
This problem was found by Sebastian Krahmer and first reported to
Bugtraq by Michal Zalewski.
We would like to thank Keith Owens for releasing a new version that
addresses the security issues.
DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/modutils-2.3.21-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/modutils-2.3.21-1cl.i386.rpm
- ----------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key can be
obtained at http://www.conectiva.com.br/contato
- -----------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://www.conectiva.com.br/suporte/atualizacoes
- ----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribe@papaleguas.conectiva.com.br
unsubscribe: atualizacoes-anuncio-unsubscribe@papaleguas.conectiva.com.br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6HDDC42jd0JmAcZARAoGYAJ47H59/8fhWPWWznfGsg6FDlQjq6QCgo09B
RvGgasFckp89sYJPNGmL9uQ=
=TnVy
-----END PGP SIGNATURE-----