AusCERT - ESB-2012.0475 - [Debian] gridengine: Root compromise

HOME
About AusCERT
Membership
PKI Services
Training
Publications
Sec. Bulletins
Conferences
News & Media
Services
Web Log
Site Map
Site Help
Member login
ESB-2012.0475 - [Debian] gridengine: Root compromise - Existing account
Date: 16 May 2012
References: ASB-2012.0060

Click here for printable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2012.0475
                        gridengine security update
                                16 May 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           gridengine
Publisher:         Debian
Operating System:  Debian GNU/Linux 6
Impact/Access:     Root Compromise -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2012-0208  

Reference:         ASB-2012.0060

Original Bulletin: 
   http://www.debian.org/security/2012/dsa-2472

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-2472-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
May 15, 2012                           http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : gridengine
Vulnerability  : privilege escalation
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0208

Dave Love discovered that users who are allowed to submit jobs to a
Grid Engine installation can escalate their privileges to root because
the environment is not properly sanitized before creating processes.

For the stable distribution (squeeze), this problem has been fixed in
version 6.2u5-1squeeze1.

For the unstable distribution (sid), this problem has been fixed in
version 6.2u5-6.

We recommend that you upgrade your gridengine packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJPssBDAAoJEL97/wQC1SS+hQoH/0SS/5Y7YGa0ZId76G/BVCr7
4Wn+9pNSg0w9DXIPCdOXTOyYEyi1P5s4XS5ccr5QTsQ73rBhjMlgW/ASSbsJ50Na
vyKRGiGj/ISuNllFET4sk/V1sRnr2XNPC5JKQ2V6b4L8S8NRduPoTQ3XIBuduXGK
yPbd158qursgNd3J3nN/EMRhsexPsTqWj2ypcrjL9TfbNXgj4XMtvltNUzcFMEp6
1q9eNi2sXvVSV2Ecu8bWa65DuuXKgBYBX2dObM77DPXyL4Jkog4vssPZQ32Q3b7n
jhWeI5BvrgBh2OJEyq63rmnbRA3NMyHHMfcljVlplX9gl78qWTb+S3OtPP1AFuE=
=4w3Z
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBT7NKwO4yVqjM2NGpAQLusg/+Mic+72ToUJxDZaGriz0lAU8XdKrCr0Tq
d0XPNelcQh4TFC/Z0T51Ihq8ppIbE2uz3SfUJSiLJ/bHaHeh4RFfOk3SCHTpPGcT
h5yPnyYe9D7nBFFvdh9lfLYOJaWFBEmBJdKRQMeTZHXAUBTCGTI1rHD8nDBFtBNb
/KkC3qjIUFJGt1KCjrBj3EUIwGFPJvYDLELjCAmZR+12rx+1TE+NQP/j7eUQb47X
VckHbC5wtVF5kXfRT9H/0ZUHbH6KleRIwkqWspxDs8J6aqaBIlVeIPUivqm/oB7d
Rcc5I4MtISa5AcHxxXFMVJ96rnVixNSiv1cKZLfbL7Isb9ffCnPfAtMp0Cy8bIue
fTmwPkddNWUeoWoIg+uAA1PSoM0xW4A3s0qfD6sheBXbH0aa1Rg4Em7dwp5h27JV
Y8DB/sJRZ2CpN0pRltK2Qc/qjbBgMCRvDb3D4PfhJnyjODsgZdQlEtPzKViP65Fb
MRWFBHwaIeqqwsEbgzNn4cxiAMsCLu5ic6yEVfTam63XsWBILd+9wsgg+V1aKOKA
cQ9NZMCIF60UpARQx0Yo9OliKBKpWh+EQahHC8ByV999HbPKldDe7DdOfDxsU+qI
Lp9pIhugl+IOHNyoifjKpeeGOtLzUpJXp2p9vKIMfMUmCbsCpvgApyBTitOWI6XB
B6jJKL4Sguo=
=0oye
-----END PGP SIGNATURE-----