Vulnerability Note VU#312692
Shadow Utils useradd utility sets incorrect file permissions
Overview
The Shadow Utilities contain a vulnerability that may result in new user mailboxes having arbitrary permissions.
I. Description
The Shadow Utilities provide tools to manage user accounts.
When a new mailbox is created by the useradd utility, open() is called with O_CREAT but without the mode argument that O_CREAT requires. As a result, the new mailbox is created with unpredictable permissions.
II. Impact
A local, unprivileged attacker may be able to gain access to newly created mailbox files.
III. Solution
Affected vendors have released updates to address this issue. Users are encouraged to see the Systems Affected portion of this document for a partial list of affected vendors.
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Apple Computer, Inc. | Not Vulnerable | 23-May-2006 |
| Cisco Systems, Inc. | Unknown | 12-May-2006 |
| Conectiva Inc. | Unknown | 17-May-2006 |
| Cray Inc. | Unknown | 17-May-2006 |
| Debian GNU/Linux | Unknown | 17-May-2006 |
| EMC, Inc. (formerly Data General Corporation) | Unknown | 17-May-2006 |
| Engarde Secure Linux | Unknown | 17-May-2006 |
| F5 Networks, Inc. | Not Vulnerable | 22-May-2006 |
| Fedora Project | Unknown | 17-May-2006 |
| FreeBSD, Inc. | Unknown | 17-May-2006 |
| Fujitsu | Unknown | 17-May-2006 |
| Gentoo Linux | Vulnerable | 14-Dec-2007 |
| Hewlett-Packard Company | Unknown | 17-May-2006 |
| Hitachi | Unknown | 17-May-2006 |
| IBM Corporation | Unknown | 17-May-2006 |
| IBM Corporation (zseries) | Unknown | 17-May-2006 |
| IBM eServer | Unknown | 17-May-2006 |
| Immunix Communications, Inc. | Unknown | 17-May-2006 |
| Ingrian Networks, Inc. | Unknown | 17-May-2006 |
| Juniper Networks, Inc. | Unknown | 17-May-2006 |
| Mandriva, Inc. | Unknown | 17-May-2006 |
| Microsoft Corporation | Unknown | 17-May-2006 |
| MontaVista Software, Inc. | Unknown | 17-May-2006 |
| NEC Corporation | Unknown | 17-May-2006 |
| NetBSD | Unknown | 17-May-2006 |
| Nokia | Unknown | 17-May-2006 |
| Novell, Inc. | Unknown | 17-May-2006 |
| OpenBSD | Unknown | 17-May-2006 |
| Openwall GNU/*/Linux | Not Vulnerable | 17-May-2006 |
| QNX Software Systems, Inc. | Unknown | 17-May-2006 |
| Red Hat, Inc. | Unknown | 12-May-2006 |
| Silicon Graphics, Inc. | Unknown | 17-May-2006 |
| Slackware Linux Inc. | Unknown | 17-May-2006 |
| Sony Corporation | Unknown | 17-May-2006 |
| Sun Microsystems, Inc. | Unknown | 17-May-2006 |
| SUSE Linux | Unknown | 17-May-2006 |
| Trustix Secure Linux | Unknown | 17-May-2006 |
| Turbolinux | Unknown | 17-May-2006 |
| Ubuntu | Unknown | 17-May-2006 |
| Unisys | Unknown | 17-May-2006 |
| Wind River Systems, Inc. | Unknown | 17-May-2006 |
References
http://linux.die.net/man/8/useradd
http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/Deployment_Guide-en-US/s1-users-tools.html
http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/shadow-utils/shadow-4.0.4.1-owl-create-mailbox.diff?rev=HEAD
http://www.securityfocus.com/archive/1/archive/1/468336/100/0/threaded
https://www.securecoding.cert.org/confluence/x/VQBc
Credit
This document was written by Jeff Gennari.
Other Information
| Field | Value |
|---|---|
| Date Public: | 2006-05-31 |
| Date First Published: | 2007-12-14 |
| Date Last Updated: | 2007-12-14 |
| CERT Advisory: | |
| CVE-ID(s): | CVE-2006-1174 |
| NVD-ID(s): | CVE-2006-1174 |
| US-CERT Technical Alerts: | |
| Metric: | 0.23 |
| Document Revision: | 27 |
If you have feedback, comments, or additional information about this vulnerability, please send us email.