Linux rmt(8) utility can compromise root privileges to local attackers
| linux-rmt (2268) |  High Risk |
Description:
Several security vulnerabilities in the rmt program on Linux systems could allow a local attacker to gain root privileges.
Platforms Affected:
- SCO, Caldera OpenLinux
Remedy:
All versions of rmt distributed with the dump package 0.4b4 should be considered vulnerable. Upgrade to the latest dump package (dump-0.4b4-3 or later), as listed in Caldera Systems, Inc. Security Advisory CSSA-1999-014.0. See References.
Consequences:
Gain Privileges
References:
- Caldera International, Inc. Security Advisory CSSA-1999-014.0, /sbin/rmt with suid allows superuser privileges at ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999:014.0.txt.
- CVE-2000-0372: Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root privileges.
- OSVDB ID: 7940: Caldera Dump Package rmt Local Privilege Escalation
Reported:
Jun 08, 1999
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net