RSBAC JAIL module CREATE check gain privileges
| rsbac-jail-gain-privileges (16552) |  High Risk |
Description:
RSBAC (Rule Set Based Access Control) could allow a local attacker to gain elevated privileges, caused by a vulnerability in the JAIL module CREATE check. A local attacker could use the sys_creat, sys_open and sys_mknod functions to create suid and sgid files within a jail.
Consequences:
Gain Privileges
Remedy:
Apply the rsbac-bugfix-v1.2.3-1 patch, available from the RSBAC Bugfixes Web page. See References.
References:
- BugTraq Mailing List, Wed Jun 30 2004 - 07:03:29 CDT : [rsbac] Bugfix 1.2.3-3 / JAIL.
- BugTraq Mailing List, Wed Jun 30 2004 - 09:42:10 CDT : rsbac 1.2.3 jail security problems.
- RSBAC Bugfixes Web page: Version 1.2.3.
- BID-10640: RSBAC Jail SUID And SGID File Creation Vulnerability
- CVE-2004-0667: Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges.
Platforms Affected:
- RSBAC Rule Set Based Access Control 1.2.2
- RSBAC Rule Set Based Access Control 1.2.3
Reported:
Jun 30, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net