Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 49536

Summary: sys-apps/utempter potential symlink vulnerability
Product: Gentoo Security Reporter: gen2daniel <gen2daniel>
Component: GLSA ErrorsAssignee: Gentoo Security <security>
Severity: critical CC: greg_g, seemant
Priority: High Flags: klieber: Assigned_To? (klieber)
Version: unspecified   
Hardware: All   
OS: Linux   
Package list:
Runtime testing required: ---

Description gen2daniel 2004-04-30 13:45:34 UTC
Steve Grubb discovered a flaw in Utempter which allowed device names
containing directory traversal sequences such as '/../'.  In combination
with an application that trusts the utmp or wtmp files, this could allow a
local attacker the ability to overwrite privileged files using a symlink.

Users should upgrade to this new version of utempter, which fixes this

Reproducible: Always
Steps to Reproduce:
Comment 1 Donnie Berkholz (RETIRED) gentoo-dev 2004-05-02 10:04:46 UTC
I'll look into this and try to get it updated today or tomorrow at the latest.
Comment 2 Seemant Kulleen (RETIRED) gentoo-dev 2004-05-03 14:16:12 UTC
5.5.4 added into portage -- amd64 and arm people, please mark stable and let us know when you have.
Comment 3 SpanKY gentoo-dev 2004-05-03 14:28:47 UTC
arm stable ;)
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2004-05-10 05:10:16 UTC
Still waiting for amd64 to mark stable.
Comment 5 Jon Portnoy (RETIRED) gentoo-dev 2004-05-10 09:05:24 UTC
Comment 6 Thierry Carrez (RETIRED) gentoo-dev 2004-05-10 11:51:42 UTC
Thanks. This one is now ready for a GLSA
Comment 7 Kurt Lieber (RETIRED) gentoo-dev 2004-05-13 09:34:12 UTC
GLSA 200405-05