GLSA Advocate
Joined: 12 May 2004 Posts: 2663
Posted: Wed Mar 11, 2009 12:26 am Post subject: [ GLSA 200903-24 ] Shadow: Privilege escalation
Gentoo Linux Security Advisory
Title: Shadow: Privilege escalation (GLSA 200903-24)
Severity: high
Exploitable: local
Date: March 10, 2009
Bug(s): #251320
ID: 200903-24
Synopsis
Insecure temporary file usage in Shadow may allow local users to gain root privileges.
Background
Shadow is a set of tools to deal with user accounts.
Affected Packages
Package: sys-apps/shadow
Vulnerable: < 4.1.2.2
Unaffected: >= 4.1.2.2
Architectures: All supported architectures
Description
Paul Szabo reported a race condition in the "login" executable when setting up tty permissions.
Impact
A local attacker belonging to the "utmp" group could use symlink attacks to overwrite arbitrary files and possibly gain root privileges.
Workaround
There is no known workaround at this time.
Resolution
All Shadow users should upgrade to the latest version:
Code:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-apps/shadow-4.1.2.2"
References
CVE-2008-5394