From sup-info@LOCUTUS4.CALDERASYSTEMS.COM Tue Jan 16 19:53:35 2001 From: Caldera Support Info To: BUGTRAQ@SECURITYFOCUS.COM Date: Mon, 15 Jan 2001 17:11:05 -0700 Subject: [BUGTRAQ] Caldera Systems Security Advisory -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ Caldera Systems, Inc. Security Advisory Subject: temp file problems in inn Advisory number: CSSA-2001-001.0 Issue date: 2001 January, 11 Cross reference: ______________________________________________________________________________ 1. Problem Description INN uses a temporary directory for several operations. Those operations use it in a unsecure manner, which would allow an attacker to gain access to the 'news' user. Since INN is not supposed to work in a public temporary directory, please use the described workaround to change the temp directory to a news private one. 2. Vulnerable Versions System Package ----------------------------------------------------------- OpenLinux Desktop 2.3 All released inn packages OpenLinux eServer 2.3.1 All released inn packages and OpenLinux eBuilder OpenLinux eDesktop 2.4 All released inn packages 3. Solution Workaround: Edit /etc/news/inn.conf, change the line pathtmp: /var/tmp to read pathtmp: /var/run/news After this, restart INN by running as root: /etc/rc.d/init.d/news stop /etc/rc.d/init.d/news start 4. OpenLinux Desktop 2.3 No fixed packages released, see workaround above. 5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0 No fixed packages released, see workaround above. 6. OpenLinux eDesktop 2.4 No fixed packages released, see workaround above. 7. References This and other Caldera security resources are located at: http://www.calderasystems.com/support/security/index.html This security fix closes Caldera's internal Problem Report 8673. 8. Disclaimer Caldera Systems, Inc. is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of Caldera OpenLinux. 9. Acknowledgements Caldera Systems, Inc. wishes to thank the Team at Immunix, Greg KH at Wirex and Solar Designer for drawing our attention, and their cooperation. ______________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6X3hx18sy83A/qfwRAg20AKCTUcuEhv34ap/5FdmjCla9/8ZFEwCgxCMl WtA3Ghi1CPyEvYbE4IS5Clw= =NSte -----END PGP SIGNATURE-----