Red Hat, Inc. Security Advisory
Package usermode, PAM  

Synopsis New version of usermode fixes security bug  

Advisory ID RHSA-2000:001-03  

Issue Date 2000-01-04  

Updated on 2000-01-07  

Keywords root userhelper pam  


1. Topic:
A security bug has been discovered and fixed in the userhelper program.

2000-01-07: usermode-1.17 introduced a bug that caused a segmentation fault in userhelper in some configurations, fixed in usermode-1.18.

2000-01-04: SysVinit package added for Red Hat Linux 6.0 to fix a dependency problem.

2. Problem description:
A security bug was found in userhelper; the bug can be exploited to provide local users with root access.

The bug has been fixed in userhelper-1.17, and pam-0.68-10 has been modified to help prevent similar attacks on other software in the future.

2000-01-04: Red Hat Linux 6.0 users will need to upgrade to SysVinit-2.77-2 to fix a minor dependency issue.


3. Bug IDs fixed: (see bugzilla for more information)

4. Relevant releases/architectures:
Red Hat Linux 6.1, all architectures

5. Obsoleted by:

6. Conflicts with:

7. RPMs required:










8. Solution:
For each RPM for your particular architecture, run:

rpm -Uvh filename

where filename is the name of the RPM.


9. Verification:

 MD5 sum                           Package Name

bffd4388103fa99265e267eab7ae18c8  i386/pam-0.68-10.i386.rpm
93d5f7c1316d8b926d3a47d87b28b881  i386/usermode-1.18-1.i386.rpm
fed2c2ad4f95829e14727a9dfceaca07  alpha/pam-0.68-10.alpha.rpm
1a79bb403ad6d9de6bd205a901a7daee  alpha/usermode-1.18-1.alpha.rpm
350662253d09b17d0aca4e9c7a511675  sparc/pam-0.68-10.sparc.rpm
068a2d4e465e6c4a33dd1dbdd1a4fa02  sparc/usermode-1.18-1.sparc.rpm
f9ad800f56b7bb05ce595bad824a990d  SRPMS/pam-0.68-10.src.rpm
dfeca4a416f2d9417dcf739599f580fa  SRPMS/usermode-1.18-1.src.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command: rpm --checksig filename

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg filename

Note that you need RPM >= 3.0 to check GnuPG keys.

10. References:
Thanks to [email protected] for finding this bug.