Fedora: 2: net-tools Excessive privilege vulnerability - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 14th, 2012

Linux Advisory Watch: May 10th, 2012

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Fedora: 2: net-tools Excessive privilege vulnerability

User Rating:

How can I rate this item?

Posted by LinuxSecurity.com Team

netlink_listen & netlink_receive_dump should both check the source of the packets by looking at nl_pid and ensuring that it is 0 before performing any reconfiguration of network interfaces.

Fedora Update Notification
FEDORA-2004-154
2004-06-03
---------------------------------------------------------------------

Product : Fedora Core 2
Name : net-tools
Version : 1.60
Release : 25.1
Summary : Basic networking tools.
Description :
The net-tools package contains basic networking tools, including
ifconfig, netstat, route, and others.

---------------------------------------------------------------------

The code in netlink.c is based in part on the code of iproute. It
was not updated when CAN-2003-0856 was announced. The code in
question is within the netlink_listen & netlink_receive_dump
functions. They should both check the source of the packets by
looking at nl_pid and ensuring that it is 0 before performing
any reconfiguration of network interfaces.

These updated packages now contain the latest netplug daemon which fixes that problem. All users of netplug are strongly encouraged to upgrade to these new packages.

---------------------------------------------------------------------

* Thu Jun 03 2004 Phil Knirsch <pknirsch@redhat.com> 1.60-25.1

- Built FC2 security errata version based on rawhide.

* Fri May 14 2004 Phil Knirsch <pknirsch@redhat.com> 1.60-27

- Fixed compiler warning/error in netplug.
- Updated to netplug-1.2.6 for security update and fixes.

* Thu May 06 2004 Phil Knirsch <pknirsch@redhat.com> 1.60-26

- Updated netplugd to latest upstream version.
- Fixed execshield problem in main.c of netplugd.

---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

4d37c3c4484a9d0efe3a3f726072454a SRPMS/net-tools-1.60-25.1.src.rpm
caa17b1b3a8a9639afdf2483068e0f12 i386/net-tools-1.60-25.1.i386.rpm
6b9bc4fd68b8c4d9f11403f4f10b9e6e i386/debug/net-tools-debuginfo-1.60-25.1.i386.rpm
1a9523abb0871c1c173d3c1c8ec297a1 x86_64/net-tools-1.60-25.1.x86_64.rpm
a1fce7c6d5a0eed37d825f70f89ec53c x86_64/debug/net-tools-debuginfo-1.60-25.1.x86_64.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.