Vulnerability Note VU#25701

Linux gpm daemon allows arbitrary file removal

Overview

gpm version 1.19.2 and earlier are vulnerable due to a flaw that allows a local user to delete arbitrary files.

I. Description

gpm (General Purpose Mouse) is the program that lets you use the mouse in console mode when not using XWindows. It is usually included in Linux distributions, and can be started from the command line or in the startup script /etc/rc.d/rc.local. A vulnerability in gpm version 1.19.2 and earlier allows local users to delete arbitrary files.

II. Impact

A user with console access can use this vulnerability to delete any file of his choosing.

III. Solution

Upgrade to gpm version 1.19.3 or later.

Systems Affected

Vendor	Status	Date Notified
Caldera	Vulnerable	13-Sep-2002
Conectiva	Vulnerable	25-May-2001
MandrakeSoft	Vulnerable	25-May-2001
Red Hat Inc.	Unknown	25-May-2001

References

http://www.securityfocus.com/bid/1512
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0667
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000240
http://marc.theaimsgroup.com/?l=bugtraq&m=96473014104340&w=2
http://archives.neohapsis.com/archives/bugtraq/2000-07/0396.html
http://www.caldera.com/support/security/advisories/CSSA-2000-024.0.txt
http://marc.theaimsgroup.com/?l=bugtraq&m=96480812908563&w=2
http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-025.php3?dis=6.0
http://www.redhat.com/support/errata/RHSA-2000-045-01.html

Credit

This document was written by Andy Moore.

Other Information

Date Public:	2000-07-27
Date First Published:	2001-05-25
Date Last Updated:	2002-09-13
CERT Advisory:
CVE-ID(s):	CAN-2000-0667
NVD-ID(s):	CAN-2000-0667
US-CERT Technical Alerts:
Metric:	3.04
Document Revision:	11

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader