RedHat: gpm privilege problem - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Advisory Watch: May 17th, 2013

Linux Security Week: May 13th, 2013

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

RedHat: gpm privilege problem

User Rating:

How can I rate this item?

Posted by LinuxSecurity.com Team

gpm-root (part of the gpm packge) fails to drop gid 0 priviledges when executing user commands.


Package	gpm

Synopsis	gpm-root priviledge

Advisory ID	RHSA-2000:009-02

Issue Date	2000-04-07

Updated on	2000-04-10

Product	Red Hat Linux

Keywords	gpm gpm-root gid 0 priviledge

1. Topic: gpm-root (part of the gpm packge) fails to drop gid 0 priviledges when executing user commands. 2. Problem description: gpm is a cut and paste utility and mouse server for virtual consoles. As part of this package, the gpm-root program allows people to define menus and actions for display when clicking on the background of current tty. The current gpm-root program fails to correctly give up the group id 0 membership for user defined menus. If you are running gpm-root on your system then you are at risk. 3. Bug IDs fixed: (see bugzilla for more information) 10340 - Exploit in gpm-root. 10644 - gpm security problem in gpm-root 4. Relevant releases/architectures: Red Hat Linux 4.2 - alpha i386 sparc Red Hat Linux 5.2 - i386 alpha sparc Red Hat Linux 6.0 - alpha i386 sparc Red Hat Linux 6.1 - i386 alpha sparc Red Hat Linux 6.2 - alpha i386 sparc 5. Obsoleted by: N/A 6. Conflicts with: N/A 7. RPMs required: Red Hat Linux 4.2: intel: ftp://updates.Red Hat.com/4.2/i386/gpm-1.19.1-0.4.2.i386.rpm alpha: ftp://updates.Red Hat.com/4.2/alpha/gpm-1.19.1-0.4.2.alpha.rpm sparc: ftp://updates.Red Hat.com/4.2/sparc/gpm-1.19.1-0.4.2.sparc.rpm sources: ftp://updates.Red Hat.com/4.2/SRPMS/gpm-1.19.1-0.4.2.src.rpm Red Hat Linux 5.2: intel: ftp://updates.Red Hat.com/5.2/i386/gpm-1.19.1-0.5.2.i386.rpm alpha: ftp://updates.Red Hat.com/5.2/alpha/gpm-1.19.1-0.5.2.alpha.rpm sparc: ftp://updates.Red Hat.com/5.2/sparc/gpm-1.19.1-0.5.2.sparc.rpm sources: ftp://updates.Red Hat.com/5.2/SRPMS/gpm-1.19.1-0.5.2.src.rpm Red Hat Linux 6.0, 6.1, 6.2: Intel: ftp://updates.Red Hat.com/6.2/i386/gpm-1.19.1-1.i386.rpm Alpha: ftp://updates.Red Hat.com/6.0/alpha/gpm-1.19.1-1.alpha.rpm SPARC: ftp://updates.Red Hat.com/6.0/sparc/gpm-1.19.1-1.sparc.rpm Source: ftp://updates.Red Hat.com/6.2/SRPMS/gpm-1.19.1-1.src.rpm 8. Solution: For each RPM for your particular architecture, run: rpm -Uvh filename where filename is the name of the RPM. 9. Verification: MD5 sum Package Name ------------------------------------------------------------------------- b8278a5d0a867a2fd8e6ac4a927627cb 4.2/alpha/gpm-1.19.1-0.4.2.alpha.rpm c5075756a0f74c36a94c78ccda496412 4.2/sparc/gpm-1.19.1-0.4.2.sparc.rpm b3d87c92880a9bf80d0fd3ff944e907b 4.2/SRPMS/gpm-1.19.1-0.4.2.src.rpm 7112c804fd008e137f8d6551460c10d7 4.2/i386/gpm-1.19.1-0.4.2.i386.rpm 79ebec95b2d6e48f60d4e34cfdee6f93 5.2/i386/gpm-1.19.1-0.5.2.i386.rpm c4cdced5149e773733458c234ede2ac7 5.2/SRPMS/gpm-1.19.1-0.5.2.src.rpm 330e555a09e7b5c85187d348dbf453e6 5.2/alpha/gpm-1.19.1-0.5.2.alpha.rpm 5ceda554f2549c100a88d6370e45e2f6 5.2/sparc/gpm-1.19.1-0.5.2.sparc.rpm 867c4316ec0645fd8e51b674646ef44d 6.2/alpha/gpm-1.19.1-1.alpha.rpm fbeb89d319776e7eb3af1db15679e93f 6.2/sparc/gpm-1.19.1-1.sparc.rpm 86a800ce94206877edc4f6e88272deee 6.2/i386/gpm-1.19.1-1.i386.rpm 8dedce47f4e6aa7bbfb36d9630561cd4 6.2/SRPMS/gpm-1.19.1-1.src.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.Red Hat.com/about/contact.html You can verify each package with the following command: rpm --checksig filename If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg filename Note that you need RPM >= 3.0 to check GnuPG keys. 10. References: http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000322182143.4498.qmail@securityfocus.com Thanks also go to Egmont Koblinger and the members of the Bugtraq list.

< Prev		Next >

Partner

Latest Features

Securing a Linux Web Server

Password guessing with Medusa 2.0

Password guessing as an attack vector

Squid and Digest Authentication

Squid and Basic Authentication

Demystifying the Chinese Hacking Industry: Earning 6 Million a Night

Free Online security course (LearnSIA) - A Call for Help

What You Need to Know About Linux Rootkits

Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition

Using the sec-wall Security Proxy

Weekend Edition

LulzSec Hackers Sentenced In London

How to hack an electric car-charging station

Partner Sponsor