sharutils uudecode utility symbolic links could be used to overwrite arbitrary files

sharutils-uudecode-symlink (9075)

Risk level: Medium

Description:

The uudecode utility in sharutils creates its output files insecurely: it opens the destination path without first checking whether something already exists there, so a symbolic link planted at that path is silently followed. A local attacker who can predict the path (for example, a file in /tmp) can create a symbolic link from it to an arbitrary file on the system; that file is then truncated and overwritten with the decoded data when another user runs uudecode. If the victim is a privileged user, or the link target is a file that controls privilege (a configuration file, a script run by root), the attacker could use this to gain elevated privileges on the system.
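The file-creation pattern behind this class of bug, as an added example that is not code from sharutils or from this advisory: a naive open() that follows a pre-planted symlink, beside an open() with O_EXCL and O_NOFOLLOW that refuses it. Everything here is constructed for the demonstration: the helper names, the private directory under /tmp, the "victim" file standing in for the attacker's real target, and the unsafe variant itself, which illustrates the bug class rather than reproducing the actual uudecode source.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Assumed vulnerable pattern: create-or-truncate the output path. If a local
 * attacker has pre-planted a symlink at that path, open() follows it and the
 * link target is truncated and overwritten with whatever is written to fd. */
static int open_output_unsafe(const char *path, mode_t mode)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, mode);
}

/* Hardened pattern: O_EXCL makes open() fail with EEXIST if anything at all
 * (including a symlink, dangling or not) already exists at the path, and
 * O_NOFOLLOW makes it fail with ELOOP if the final component is a symlink.
 * The kernel decides both inside one open() call, so there is no
 * lstat()-then-open() window for an attacker to race. */
static int open_output_safe(const char *path, mode_t mode)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, mode);
}

/* Write a whole C string to an already-open fd; 0 on success. */
static int write_all(int fd, const char *s)
{
    size_t len = strlen(s);
    return write(fd, s, len) == (ssize_t)len ? 0 : -1;
}

/* Read up to size-1 bytes of a file into buf, NUL-terminated; 0 on success. */
static int read_file(const char *path, char *buf, size_t size)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, buf, size - 1);
    close(fd);
    if (n < 0) return -1;
    buf[n] = '\0';
    return 0;
}

/* Stage the attack in a private temp directory and exercise both opens.
 * Returns 1 if the unsafe open clobbered the symlink target AND the safe
 * open refused (EEXIST or ELOOP), 0 if either behaved otherwise, and -1 on
 * a setup error. Cleans up after itself in every case. */
int demo_symlink_attack(void)
{
    char dir[] = "/tmp/uudecode-demo-XXXXXX";   /* mkdtemp template */
    char victim[PATH_MAX], planted[PATH_MAX], buf[64];
    int fd = -1, clobbered = 0, refused = 0, result = -1;

    if (mkdtemp(dir) == NULL) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(planted, sizeof planted, "%s/output", dir);

    /* The victim file stands in for the arbitrary file the attacker targets. */
    fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || write_all(fd, "original contents") != 0) goto out;
    close(fd);
    fd = -1;

    /* Attacker plants a symlink where the decoder will write its output. */
    if (symlink(victim, planted) != 0) goto out;

    /* 1. The unsafe open follows the link and overwrites the victim. */
    fd = open_output_unsafe(planted, 0644);
    if (fd < 0 || write_all(fd, "attacker data") != 0) goto out;
    close(fd);
    fd = -1;
    if (read_file(victim, buf, sizeof buf) != 0) goto out;
    clobbered = strcmp(buf, "attacker data") == 0;

    /* 2. The safe open refuses because something already sits at the path. */
    errno = 0;
    fd = open_output_safe(planted, 0644);
    refused = (fd < 0) && (errno == EEXIST || errno == ELOOP);

    result = (clobbered && refused) ? 1 : 0;

out:
    if (fd >= 0) close(fd);
    unlink(planted);
    unlink(victim);
    rmdir(dir);
    return result;
}

int main(void)
{
    int r = demo_symlink_attack();
    printf("unsafe open overwrote the link target and safe open refused: %s\n",
           r == 1 ? "yes" : r == 0 ? "no" : "setup error");
    return r == 1 ? 0 : 1;
}
```

Build with `cc -o uudecode-demo uudecode-demo.c` and run it as an unprivileged user; exit status 0 means the hardened open blocked the planted link. Note the trade-off: O_EXCL also refuses to overwrite a legitimate existing regular file, which changes a decoder's behaviour if users expect re-running it to replace the output. When overwriting must stay supported, the usual alternative is to write into a file created with mkstemp() in the destination directory and rename() it into place, which replaces the directory entry without ever following a link at the target path.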


Consequences:

File Manipulation

Remedy:

For Red Hat Linux 6.2:
Upgrade to the latest version of sharutils (4.2.1-2.6.x or later), as listed in Red Hat Linux Errata Advisory RHSA-2002:065-13. See References.

For Red Hat Linux 7.0, 7.1, and 7.2:
Upgrade to the latest version of sharutils (4.2.1-8.7.x or later), as listed in Red Hat Linux Errata Advisory RHSA-2002:065-13. See References.

For HP Secure OS Software for Linux 1.0:
Apply the RHSA-2002:065 RPMs, as listed in Hewlett-Packard Company Security Bulletin HPSBTL0205-040. See References.

For Mandrake Linux 7.1, 7.2, 8.0, 8.1, 8.2, Single Network Firewall 7.2, and Corporate Server 1.0.1:
Upgrade to the latest sharutils package 4.2.1-8.1mdk or later, as listed in MandrakeSoft Security Advisory MDKSA-2002:052 : sharutils. See References.

For Caldera OpenLinux 3.1 and 3.1.1 (Server and Workstation):
Upgrade to the latest sharutils package (4.2.1-7MR.1 or later), as listed in SCO Security Advisory CSSA-2002-040.0. See References.

For Gentoo Linux:
Upgrade any version of sys-apps/sharutils at 4.2.1-r5 or earlier to the fixed package, as listed in Gentoo Linux Security Announcement of 2002-10-30 14:10 UTC. See References.

For HP Tru64 UNIX:
Apply the appropriate patch for your system, as listed in Compaq.com - Security Bulletin: SRB0031W. See References.

For Caldera UnixWare 7.1.1 and OpenUnix 8.0.0:
Upgrade to the appropriate fixed binaries, as listed in SCO Security Advisory CSSA-2002-SCO.44. See References.

For SCO OpenServer 5.0.6, and 5.0.7:
Upgrade to the appropriate fixed binaries, as listed in SCO Security Advisory SCOSA-2004.12. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

Platforms Affected:

  • Compaq Tru64 4.0f
  • Compaq Tru64 4.0g
  • Compaq Tru64 5.0a
  • Compaq Tru64 5.1
  • Compaq Tru64 5.1a
  • Gentoo Linux
  • GNU sharutils
  • HP Secure OS 1.0
  • MandrakeSoft Mandrake Linux 7.1
  • MandrakeSoft Mandrake Linux 7.2
  • MandrakeSoft Mandrake Linux 8.0 PPC
  • MandrakeSoft Mandrake Linux 8.0
  • MandrakeSoft Mandrake Linux 8.1
  • MandrakeSoft Mandrake Linux 8.1 IA64
  • MandrakeSoft Mandrake Linux 8.2 PPC
  • MandrakeSoft Mandrake Linux 8.2
  • MandrakeSoft Mandrake Linux Corporate Server 1.0.1
  • MandrakeSoft Mandrake Single Network Firewall 7.2
  • RedHat Enterprise Linux 2.1 AS
  • RedHat Linux 6.2
  • RedHat Linux 7
  • RedHat Linux 7.1
  • RedHat Linux 7.2
  • RedHat Linux 7.3
  • SCO Caldera OpenLinux Server 3.1
  • SCO Caldera OpenLinux Server 3.1.1
  • SCO Caldera OpenLinux Workstation 3.1
  • SCO Caldera OpenLinux Workstation 3.1.1
  • SCO Caldera OpenUnix 8.0.0
  • SCO Caldera UnixWare 7.1.1
  • SCO OpenServer 5.0.6
  • SCO OpenServer 5.0.7

Reported:

May 14, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net