------------------------------------------------------------------------
Debian Security Advisory DSA-056-1                   security@debian.org 
Debian -- Security Information                          Wichert Akkerman
May  8, 2001
------------------------------------------------------------------------


Package        : man-db
Problem type   : local file overwrite
Debian-specific: no

Ethan Benson found a bug in man-db packages as distributed in
Debian/GNU/Linux 2.2. man-db includes a mandb tool which is used to
build an index of the manual pages installed on a system. When the -u or
-c option were given on the command-line to tell it to write its database
to a different location it failed to properly drop privileges before
creating a temporary file. This makes it possible for an attacked to do
a standard symlink attack to trick mandb into overwriting any file that
is writable by uid man, which includes the man and mandb binaries.

This has been fixed in version 2.3.16-3, and we recommend that you
upgrade your man-db package immediately. If you use suidmanager
you can also use that to make sure man and mandb are not installed
suid which protects you from this problem. This can be done with the
following commands:

  suidregister /usr/lib/man-db/man root root 0755
  suidregister /usr/lib/man-db/mandb root root 0755

Of course even when using suidmanager an upgrade is still strongly
recommended.


wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.


Debian GNU/Linux 2.2 alias potato
---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
      
      MD5 checksum: 9b151e47acd5724d0a92b5ad7744d6ae
      
      MD5 checksum: dab73666ef671d0bb4995c4ba653d2c3

  Alpha architecture:
      
      MD5 checksum: 0e075e4788b1dc1edfa35d4d21a48252

  ARM architecture:
      
      MD5 checksum: 3de307e54eafaf23dea1f8016bc0a2aa

  Intel ia32 architecture:
      
      MD5 checksum: 434291472106de31c2f10dce3c725a3c

  Motorola 680x0 architecture:
      
      MD5 checksum: 3025cc1e2303dca7ebf3e6df7a60a587

  PowerPC architecture:
      
      MD5 checksum: 880642cfed94f5f02d9212e940ba0c46

  Sun Sparc architecture:
      
      MD5 checksum: 4df2f927732b9f6d1a5e9b62b8ecb0ff

  These packages will be moved into the stable distribution on its next
  revision.

For not yet released architectures please refer to the appropriate
directory    .

--
----------------------------------------------------------------------------
apt-get: deb  Debian -- Security Information  stable/updates main
dpkg-ftp:    dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Debian: 'man-db' vulnerabilities

May 8, 2001
Ethan Benson found a bug in man-db packages as distributed in Debian/GNU/Linux 2.2.

Summary

Package : man-db
Problem type : local file overwrite
Debian-specific: no

Ethan Benson found a bug in man-db packages as distributed in
Debian/GNU/Linux 2.2. man-db includes a mandb tool which is used to
build an index of the manual pages installed on a system. When the -u or
-c option were given on the command-line to tell it to write its database
to a different location it failed to properly drop privileges before
creating a temporary file. This makes it possible for an attacked to do
a standard symlink attack to trick mandb into overwriting any file that
is writable by uid man, which includes the man and mandb binaries.

This has been fixed in version 2.3.16-3, and we recommend that you
upgrade your man-db package immediately. If you use suidmanager
you can also use that to make sure man and mandb are not installed
suid which protects you from this problem. This can be done with the
following commands:

suidregister /usr/lib/man-db/man root root 0755
suidregister /usr/lib/man-db/mandb root root 0755

Of course even when using suidmanager an upgrade is still strongly
recommended.


wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.


Debian GNU/Linux 2.2 alias potato
---------------------------------

Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

Source archives:

MD5 checksum: 9b151e47acd5724d0a92b5ad7744d6ae

MD5 checksum: dab73666ef671d0bb4995c4ba653d2c3

Alpha architecture:

MD5 checksum: 0e075e4788b1dc1edfa35d4d21a48252

ARM architecture:

MD5 checksum: 3de307e54eafaf23dea1f8016bc0a2aa

Intel ia32 architecture:

MD5 checksum: 434291472106de31c2f10dce3c725a3c

Motorola 680x0 architecture:

MD5 checksum: 3025cc1e2303dca7ebf3e6df7a60a587

PowerPC architecture:

MD5 checksum: 880642cfed94f5f02d9212e940ba0c46

Sun Sparc architecture:

MD5 checksum: 4df2f927732b9f6d1a5e9b62b8ecb0ff

These packages will be moved into the stable distribution on its next
revision.

For not yet released architectures please refer to the appropriate
directory .

--
----------------------------------------------------------------------------
apt-get: deb Debian -- Security Information stable/updates main
dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org




Severity

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved