Debian: 'man-db' vulnerabilities

    Date: 08 May 2001
    Category: Debian
    Posted By: LinuxSecurity Advisories
    Ethan Benson found a bug in man-db packages as distributed in Debian/GNU/Linux 2.2.
    
    ------------------------------------------------------------------------
    Debian Security Advisory DSA-056-1
    http://www.debian.org/security/                         Wichert Akkerman
    May  8, 2001
    ------------------------------------------------------------------------
    
    
    Package        : man-db
    Problem type   : local file overwrite
    Debian-specific: no
    
    Ethan Benson found a bug in man-db packages as distributed in
    Debian/GNU/Linux 2.2. man-db includes a mandb tool which is used to
    build an index of the manual pages installed on a system. When the -u or
    -c option was given on the command line to tell it to write its database
    to a different location, it failed to properly drop privileges before
    creating a temporary file. This makes it possible for an attacker to do
    a standard symlink attack to trick mandb into overwriting any file that
    is writable by uid man, which includes the man and mandb binaries.
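
The class of flaw described above, as an added C example (not man-db source code and not part of the original advisory): a file created while still running with the set-uid effective uid and without an exclusive create, next to a hardened form that first takes the invoking user's uid and then creates the file with O_EXCL. The function names, the /tmp/dsa056- directory and the file contents are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L   /* seteuid, symlink, mkdtemp */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Flawed pattern: still running with the set-uid effective uid, and open()
 * follows a symlink already present at `path`, truncating what it points to. */
int open_output_unsafe(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}

/* Hardened: take the invoking user's uid first, then create with O_EXCL,
 * which fails with EEXIST if the name exists, even as a dangling symlink. */
int open_output_safe(const char *path)
{
    uid_t saved = geteuid();
    if (seteuid(getuid()) != 0) return -1;
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (seteuid(saved) != 0 && fd >= 0) { close(fd); fd = -1; }
    return fd;
}

/* Constructed scenario in a private temp dir: `tmp` is a symlink to `target`,
 * which holds 5 bytes. Returns the size of `target` after the open attempt. */
long probe(int (*opener)(const char *))
{
    char dir[] = "/tmp/dsa056-XXXXXX", target[64], tmp[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(tmp, sizeof tmp, "%s/tmp", dir);
    int t = open(target, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (t < 0 || write(t, "index", 5) != 5) return -1;
    close(t);
    if (symlink(target, tmp) != 0) return -1;
    int fd = opener(tmp);
    if (fd >= 0) close(fd);
    long size = stat(target, &st) == 0 ? (long)st.st_size : -1;
    unlink(tmp); unlink(target); rmdir(dir);
    return size;
}

int main(void)
{
    printf("unsafe=%ld safe=%ld\n", probe(open_output_unsafe), probe(open_output_safe));
    return 0;
}
```

On current Linux kernels the fs.protected_symlinks sysctl additionally restricts following symlinks in sticky world-writable directories, but the privilege drop and exclusive create remain the fix in the program itself.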
    
    This has been fixed in version 2.3.16-3, and we recommend that you
    upgrade your man-db package immediately. If you use suidmanager
    you can also use that to make sure man and mandb are not installed
    suid which protects you from this problem. This can be done with the
    following commands:
    
      suidregister /usr/lib/man-db/man root root 0755
      suidregister /usr/lib/man-db/mandb root root 0755
    
    Of course even when using suidmanager an upgrade is still strongly
    recommended.
    
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    
    Debian GNU/Linux 2.2 alias potato
    ---------------------------------
    
      Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
    
      Source archives:
         http://security.debian.org/dists/stable/updates/main/source/man-db_2.3.16-3.dsc
          MD5 checksum: 9b151e47acd5724d0a92b5ad7744d6ae
         http://security.debian.org/dists/stable/updates/main/source/man-db_2.3.16-3.tar.gz
          MD5 checksum: dab73666ef671d0bb4995c4ba653d2c3
    
      Alpha architecture:
         http://security.debian.org/dists/stable/updates/main/binary-alpha/man-db_2.3.16-3_alpha.deb
          MD5 checksum: 0e075e4788b1dc1edfa35d4d21a48252
    
      ARM architecture:
         http://security.debian.org/dists/stable/updates/main/binary-arm/man-db_2.3.16-3_arm.deb
          MD5 checksum: 3de307e54eafaf23dea1f8016bc0a2aa
    
      Intel ia32 architecture:
         http://security.debian.org/dists/stable/updates/main/binary-i386/man-db_2.3.16-3_i386.deb
          MD5 checksum: 434291472106de31c2f10dce3c725a3c
    
      Motorola 680x0 architecture:
         http://security.debian.org/dists/stable/updates/main/binary-m68k/man-db_2.3.16-3_m68k.deb
          MD5 checksum: 3025cc1e2303dca7ebf3e6df7a60a587
    
      PowerPC architecture:
         http://security.debian.org/dists/stable/updates/main/binary-powerpc/man-db_2.3.16-3_powerpc.deb
          MD5 checksum: 880642cfed94f5f02d9212e940ba0c46
    
      Sun Sparc architecture:
         http://security.debian.org/dists/stable/updates/main/binary-sparc/man-db_2.3.16-3_sparc.deb
          MD5 checksum: 4df2f927732b9f6d1a5e9b62b8ecb0ff
    
      These packages will be moved into the stable distribution on its next
      revision.
    
    For not yet released architectures please refer to the appropriate
    directory  ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
    
    --
    ----------------------------------------------------------------------------
    apt-get: deb  http://security.debian.org/ stable/updates main
    dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main