ESB-2000.376 -- RHSA-2000:117-01 -- Updated bash (1.x) packages for Red Hat Linux 5.x, 6.x available
Date: 28 November 2000
References: ESB-2001.026
-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                   ESB-2000.376 -- RHSA-2000:117-01
  Updated bash (1.x) packages for Red Hat Linux 5.x, 6.x available
                           28 November 2000

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                bash (1.x)
Vendor:                 Red Hat
Operating System:       Red Hat Linux
Impact:                 Denial of Service
Access Required:        Local

- --------------------------BEGIN INCLUDED TEXT--------------------

- ---------------------------------------------------------------------
                   Red Hat, Inc. Security Advisory

Synopsis:          Updated bash (1.x) packages for Red Hat Linux 5.x, 6.x available
Advisory ID:       RHSA-2000:117-01
Issue date:        2000-11-27
Updated on:        2000-11-27
Product:           Red Hat Linux
Keywords:          bash bash1 security exploit << denial of service
Cross references:  N/A
- ---------------------------------------------------------------------

1. Topic:

Updated bash (1.x) packages for Red Hat Linux 5.x and 6.x, fixing a
security problem, are available.

2. Relevant releases/architectures:

Red Hat Linux 5.0 - i386, alpha, sparc
Red Hat Linux 5.1 - i386, alpha, sparc
Red Hat Linux 5.2 - i386, alpha, sparc
Red Hat Linux 6.0 - i386, alpha, sparc
Red Hat Linux 6.1 - i386, alpha, sparc
Red Hat Linux 6.2 - i386, alpha, sparc
Red Hat Linux 6.2EE - i386, alpha, sparc

3. Problem description:

The << operator in bash 1.x used predictable filenames, leading to a
potential denial of service attack. A local user account is required
to exploit the security leak.

4. Solution:

For each RPM for your particular architecture, run:

    rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

21292 - bash creates insecure tmp files

6. RPMs required:

Red Hat Linux 5.2:

alpha:
ftp://updates.redhat.com/5.2/alpha/bash-1.14.7-23.5x.alpha.rpm

sparc:
ftp://updates.redhat.com/5.2/sparc/bash-1.14.7-23.5x.sparc.rpm

i386:
ftp://updates.redhat.com/5.2/i386/bash-1.14.7-23.5x.i386.rpm

sources:
ftp://updates.redhat.com/5.2/SRPMS/bash-1.14.7-23.5x.src.rpm

Red Hat Linux 6.2:

alpha:
ftp://updates.redhat.com/6.2/alpha/bash-1.14.7-23.6x.alpha.rpm

sparc:
ftp://updates.redhat.com/6.2/sparc/bash-1.14.7-23.6x.sparc.rpm

i386:
ftp://updates.redhat.com/6.2/i386/bash-1.14.7-23.6x.i386.rpm

sources:
ftp://updates.redhat.com/6.2/SRPMS/bash-1.14.7-23.6x.src.rpm

7. Verification:

MD5 sum                           Package Name
- --------------------------------------------------------------------------
e2eba8b1e7a15821046febdff1961508  5.2/SRPMS/bash-1.14.7-23.5x.src.rpm
002c01664380a1f084caf320dd058f3a  5.2/alpha/bash-1.14.7-23.5x.alpha.rpm
da6d41c36fcb4b28f9a4731c6785cb8d  5.2/i386/bash-1.14.7-23.5x.i386.rpm
f28847e9beae06113e58455a5133a1ca  5.2/sparc/bash-1.14.7-23.5x.sparc.rpm
23b421bbc697b9c57a7d413ece9e4df2  6.2/SRPMS/bash-1.14.7-23.6x.src.rpm
19ed96c0935ef630215736d242911c98  6.2/alpha/bash-1.14.7-23.6x.alpha.rpm
9fe492b13c08e7993a918d0395fda486  6.2/i386/bash-1.14.7-23.6x.i386.rpm
1a92e61a4d5c7989b26d687dfe881a5c  6.2/sparc/bash-1.14.7-23.6x.sparc.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is
available at:

    http://www.redhat.com/corp/contact.html

You can verify each package with the following command:

    rpm --checksig

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:

    rpm --checksig --nogpg

8. References:

N/A

Copyright(c) 2000 Red Hat, Inc.

- --------------------------END INCLUDED TEXT--------------------

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to use any or all of this information is the
responsibility of each user or organisation, and should be done so in
accordance with site policies and procedures.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at a
later date, it is recommended that the bulletin is retrieved directly from
the original authors to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

    http://www.auscert.org.au/Information/advisories.html

If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST). On call after hours for
                emergencies.
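A check of downloaded packages against the MD5 sums published in section 7 of the advisory, as an added example that is not part of the Red Hat advisory or the AusCERT bulletin. It assumes the RPMs were mirrored into a local directory with the same 5.2/... and 6.2/... layout as the ftp paths, and it is only the equivalent of `rpm --checksig --nogpg`: it does not verify Red Hat's GPG signature, which `rpm --checksig` does, so a file that passes here has been checked for corruption, not for origin.

```python
import hashlib, os, tempfile

# MD5 sums exactly as published in section 7 of RHSA-2000:117-01.
ADVISORY_MD5_TABLE = """
e2eba8b1e7a15821046febdff1961508 5.2/SRPMS/bash-1.14.7-23.5x.src.rpm
002c01664380a1f084caf320dd058f3a 5.2/alpha/bash-1.14.7-23.5x.alpha.rpm
da6d41c36fcb4b28f9a4731c6785cb8d 5.2/i386/bash-1.14.7-23.5x.i386.rpm
f28847e9beae06113e58455a5133a1ca 5.2/sparc/bash-1.14.7-23.5x.sparc.rpm
23b421bbc697b9c57a7d413ece9e4df2 6.2/SRPMS/bash-1.14.7-23.6x.src.rpm
19ed96c0935ef630215736d242911c98 6.2/alpha/bash-1.14.7-23.6x.alpha.rpm
9fe492b13c08e7993a918d0395fda486 6.2/i386/bash-1.14.7-23.6x.i386.rpm
1a92e61a4d5c7989b26d687dfe881a5c 6.2/sparc/bash-1.14.7-23.6x.sparc.rpm
"""

def parse_md5_table(text):
    """Turn '<md5> <package path>' lines into {path: digest}; reject malformed digests."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue  # blank or header line
        digest, path = parts[0].lower(), parts[1]
        if len(digest) != 32 or set(digest) - set("0123456789abcdef"):
            raise ValueError("malformed MD5 in advisory table: %r" % line)
        table[path] = digest
    return table

def md5_of_file(path):
    with open(path, "rb") as f:
        return hashlib.md5(f.read()).hexdigest()

def verify_downloads(download_dir, table):
    """Return {package path: 'ok'|'mismatch'|'missing'}; only 'ok' files should be fed to rpm -Fvh."""
    results = {}
    for rel_path, expected in table.items():
        local = os.path.join(download_dir, *rel_path.split("/"))
        if not os.path.isfile(local):
            results[rel_path] = "missing"
        else:
            results[rel_path] = "ok" if md5_of_file(local) == expected else "mismatch"
    return results

def demo():
    """Constructed mirror (not real downloads): one file that is not the real RPM, the other seven absent."""
    root = tempfile.mkdtemp(prefix="rhsa-2000-117-")
    fake = os.path.join(root, "6.2", "i386", "bash-1.14.7-23.6x.i386.rpm")
    os.makedirs(os.path.dirname(fake))
    with open(fake, "wb") as f:
        f.write(b"constructed placeholder bytes, not the Red Hat package")
    return verify_downloads(root, parse_md5_table(ADVISORY_MD5_TABLE))
```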
http://www.auscert.org.au/render.html?cid=1&it=1082