Vulnerability Note VU#25701

Linux gpm daemon allows arbitrary file removal

Overview

gpm version 1.19.2 and earlier are vulnerable due to a flaw that allows a local user to delete arbitrary files.

I. Description

gpm (General Purpose Mouse) is the program that lets you use the mouse in console mode when not using XWindows. It is usually included in Linux distributions, and can be started from the command line or in the startup script /etc/rc.d/rc.local. A vulnerability in gpm version 1.19.2 and earlier allows local users to delete arbitrary files.

II. Impact

A user with console access can use this vulnerability to delete any file of his choosing.

III. Solution

Upgrade to gpm version 1.19.3 or later.

Systems Affected

Vendor	Status	Date Updated
Caldera	Vulnerable	13-Sep-2002
Conectiva	Vulnerable	25-May-2001
MandrakeSoft	Vulnerable	25-May-2001
Red Hat Inc.	Unknown	25-May-2001

References

http://www.securityfocus.com/bid/1512
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0667
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000240
http://marc.theaimsgroup.com/?l=bugtraq&m=96473014104340&w=2
http://archives.neohapsis.com/archives/bugtraq/2000-07/0396.html
http://www.caldera.com/support/security/advisories/CSSA-2000-024.0.txt
http://marc.theaimsgroup.com/?l=bugtraq&m=96480812908563&w=2
http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-025.php3?dis=6.0
http://www.redhat.com/support/errata/RHSA-2000-045-01.html

Credit

This document was written by Andy Moore.

Other Information

Date Public	07/27/2000
Date First Published	05/25/2001 02:23:29 PM
Date Last Updated	09/13/2002
CERT Advisory
CVE Name	CAN-2000-0667
US-CERT Technical Alerts
Metric	3.04
Document Revision	11

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader