An updated utempter package that fixes a potential symlink vulnerability is now available.

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated utempter package fixes vulnerability
Advisory ID:       RHSA-2004:174-01
Issue date:        2004-05-26
Updated on:        2004-05-26
Product:           Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes:
CVE Names:         CAN-2004-0233
- ---------------------------------------------------------------------

1. Topic:

An updated utempter package that fixes a potential symlink vulnerability is now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Utempter is a utility that allows terminal applications such as xterm and screen to update utmp and wtmp without requiring root privileges.

Steve Grubb discovered a flaw in Utempter which allowed device names containing directory traversal sequences such as '/../'. In combination with an application that trusts the utmp or wtmp files, this could allow a local attacker the ability to overwrite privileged files using a symlink.

Users should upgrade to this new version of utempter, which fixes this vulnerability.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:

https://access.redhat.com

5. Bug IDs fixed ( for more info):

121332 - CAN-2004-0233 utempter directory traversal symlink attack

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:

i386:
Available from Red Hat Network: utempter-0.5.5-1.2.1EL.0.i386.rpm

ia64:
Available from Red Hat Network: utempter-0.5.5-1.2.1EL.0.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:

ia64:
Available from Red Hat Network: utempter-0.5.5-1.2.1EL.0.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:

i386:
Available from Red Hat Network: utempter-0.5.5-1.2.1EL.0.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:

i386:
Available from Red Hat Network: utempter-0.5.5-1.2.1EL.0.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:

i386:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.i386.rpm

ia64:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.ia64.rpm

ppc:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.ppc.rpm

s390:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.s390.rpm

s390x:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.s390x.rpm

x86_64:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:

i386:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.i386.rpm

x86_64:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:

i386:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.i386.rpm

ia64:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.ia64.rpm

x86_64:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:

i386:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.i386.rpm

ia64:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.ia64.rpm

x86_64:
Available from Red Hat Network: utempter-0.5.5-1.3EL.0.x86_64.rpm

7. Verification:

MD5 sum                          Package Name
- --------------------------------------------------------------------------
417fb9a00960adc60d2480e76a1432e9 utempter-0.5.5-1.2.1EL.0.i386.rpm
36023598fdb8c619e3a7ddf3071eeda8 utempter-0.5.5-1.2.1EL.0.ia64.rpm
bfcd383f81642909da3b591dc501ea26 utempter-0.5.5-1.2.1EL.0.src.rpm
437cbd0cf70f4c106d8769022818046e utempter-0.5.5-1.3EL.0.i386.rpm
78a2997b4bfa09e8797aa8168db5ee99 utempter-0.5.5-1.3EL.0.ia64.rpm
fa912c642528d6d1785245c0bed610a3 utempter-0.5.5-1.3EL.0.ppc.rpm
d6bd211838e75ae01eed0ad10f638fae utempter-0.5.5-1.3EL.0.s390.rpm
95518a64083b9610d6d13d01991296cf utempter-0.5.5-1.3EL.0.s390x.rpm
bb78ec4f0201e337eca2a0da85d5aa3d utempter-0.5.5-1.3EL.0.src.rpm
39e382c6a8e6a1ec5e05c5ba9bad4ee8 utempter-0.5.5-1.3EL.0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key is available from

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

8. References:

CVE - CVE-2004-0233

9. Contact:

The Red Hat security contact is . More contact details at

Copyright 2004 Red Hat, Inc.
The utempter package in Fedora has been updated to address a critical symlink flaw that may be exploited by local users. Users are encouraged to apply the update swiftly.

Utempter Issue, Red Hat Update, Symlink Risk, Critical Update, Local Exploit.

Severity: Critical. LinuxSecurity.com Team
An updated utempter package that fixes a potential symlink vulnerability is now available.

                   Fedora Legacy Update Advisory

Synopsis:          Updated utempter resolves security vulnerability
Advisory ID:       FLSA:1546
Issue date:        2004-05-18
Product:           Red Hat Linux
Keywords:          Security
Cross references:
CVE Names:         CAN-2004-0233
- -----------------------------------------------------------------------
- ---------------------------------------------------------------------

1. Topic:

An updated utempter package that fixes a potential symlink vulnerability is now available.

2. Relevant releases/architectures:

Red Hat Linux 7.2 - i386
Red Hat Linux 7.3 - i386
Red Hat Linux 8.0 - i386

3. Problem description:

Utempter is a utility that allows terminal applications such as xterm and screen to update utmp and wtmp without requiring root privileges.

Steve Grubb discovered a flaw in Utempter which allowed device names containing directory traversal sequences such as '/../'. In combination with an application that trusts the utmp or wtmp files, this could allow a local attacker the ability to overwrite privileged files using a symlink.

Users should upgrade to this new version of utempter, which fixes this vulnerability.

Fedora Legacy would like to thank Barry K. Nathan for notification of this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit for directions on how to configure yum and apt-get.

5. Bug IDs fixed:

- 1546 - utempter symlink vulnerability

6. RPMs required:

Red Hat Linux 7.2:

SRPM:

i386:

Red Hat Linux 7.3:

SRPM:

i386:

Red Hat Linux 8.0:

SRPM:

i386:

7. Verification:

SHA1 sum                                 Package Name
- ---------------------------------------------------------------------------
739587d500bf401d83a5f2b01195ca8b5c81bed7 7.2/updates/SRPMS/utempter-0.5.2-6.7.x.1.legacy.src.rpm
021ec30fe6404f2eb74eee160a339fbd003c1b97 7.2/updates/i386/utempter-0.5.2-6.7.x.1.legacy.i386.rpm
739587d500bf401d83a5f2b01195ca8b5c81bed7 7.3/updates/SRPMS/utempter-0.5.2-6.7.x.1.legacy.src.rpm
021ec30fe6404f2eb74eee160a339fbd003c1b97 7.3/updates/i386/utempter-0.5.2-6.7.x.1.legacy.i386.rpm
afc6bf313598d51e6a1ab9f83a8c1a0b244d167b 8.0/updates/SRPMS/utempter-0.5.2-10.8.0.1.legacy.src.rpm
de4579faebfb0a5981be4ed2d1cf4b4ade396f41 8.0/updates/i386/utempter-0.5.2-10.8.0.1.legacy.i386.rpm

These packages are GPG signed by Fedora Legacy for security. Our key is available from

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command:

sha1sum

8. References:

CVE - CVE-2004-0233

9. Contact:

The Fedora Legacy security contact is . More project details at http://www.fedoralegacy.org

- ---------------------------------------------------------------------

- --
Jesse Keating RHCE ( )
Fedora Legacy Team (http://www.fedoralegacy.org)

The recent patch from Fedora Legacy strengthens utempter by addressing a critical symlink vulnerability that affects various terminal utilities. Urgent update recommended!
Fedora Legacy Update, Utempter Security Issue, Symlink Vulnerability Fix.

Severity: Important. LinuxSecurity.com Team
Utempter can be used to overwrite privileged files with a symlink.

                   Red Hat Security Advisory

Synopsis:          Updated utempter package fixes vulnerability
Advisory ID:       RHSA-2004:175-01
Issue date:        2004-04-30
Updated on:        2004-04-30
Product:           Red Hat Linux
Keywords:
Cross references:
Obsoletes:
CVE Names:         CAN-2004-0233
- ---------------------------------------------------------------------

1. Topic:

An updated utempter package that fixes a potential symlink vulnerability is now available.

2. Relevant releases/architectures:

Red Hat Linux 9 - i386

3. Problem description:

Utempter is a utility that allows terminal applications such as xterm and screen to update utmp and wtmp without requiring root privileges.

Steve Grubb discovered a flaw in Utempter which allowed device names containing directory traversal sequences such as '/../'. In combination with an application that trusts the utmp or wtmp files, this could allow a local attacker the ability to overwrite privileged files using a symlink.

Users should upgrade to this new version of utempter, which fixes this vulnerability.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:

https://access.redhat.com

5. RPMs required:

Red Hat Linux 9:

SRPMS:

i386:

6. Verification:

MD5 sum                          Package Name
- --------------------------------------------------------------------------
b7f13df830c3f64eef6c6895edfb3b1f 9/en/os/SRPMS/utempter-0.5.5-2.RHL9.0.src.rpm
b207cd5661c7d687c3503399ce3bb611 9/en/os/i386/utempter-0.5.5-2.RHL9.0.i386.rpm

These packages are GPG signed by Red Hat for security. Our key is available from

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

7. References:

CVE - CVE-2004-0233

8. Contact:

The Red Hat security contact is . More contact details at

Copyright 2004 Red Hat, Inc.

The updated configuration tool from Red Hat tackles a critical symlink flaw that permits unauthorized file overwriting.

Red Hat Linux, Utempter Update, Symlink Security, Critical Patch, RPM Security Fix.

Severity: Critical. LinuxSecurity.com Team
An updated utempter package that fixes a potential symlink vulnerability is now available.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-108
2004-04-21
---------------------------------------------------------------------

Name        : utempter
Version     : 0.5.5
Release     : 3.FC1.0
Summary     : A privileged helper for utmp/wtmp updates.
Description :
Utempter is a utility which allows some non-privileged programs to have required root access without compromising system security. Utempter accomplishes this feat by acting as a buffer between root and the programs.

---------------------------------------------------------------------
Update Information:

Topic:

An updated utempter package that fixes a potential symlink vulnerability is now available.

Problem Description:

Utempter is a utility that allows terminal applications such as xterm and screen to update utmp and wtmp without requiring root privileges.

Steve Grubb discovered a flaw in Utempter which allowed device names containing directory traversal sequences such as '/../'. In combination with an application that trusts the utmp or wtmp files, this could allow a local attacker the ability to overwrite privileged files using a symlink.

Users should upgrade to this new version of utempter, which fixes this vulnerability.

---------------------------------------------------------------------
* Tue Apr 20 2004 Mike A. Harris 0.5.5-4
- Build 0.5.5-1 version as 0.5.5-1.2.1EL.0 for RHEL 2.1 erratum
- Build 0.5.5-1 version as 0.5.5-1.3EL.0 for RHEL 3 erratum
- Build 0.5.5-1 version as 0.5.5-2.RHL9.0 for RHL 9 erratum
- Build 0.5.5-1 version as 0.5.5-3.FC1.0 for Fedora Core 1 erratum
- Build 0.5.5-1 version as 0.5.5-4 for Fedora Core 2 development head

* Mon Apr 19 2004 Mike A. Harris 0.5.5-1
- [SECURITY] Fix CAN-2004-0233 utempter directory traversal symlink attack issue for immediate erratum release.
- Build all-arch test package 0.5.5-1 in dist-fc2-scratch

* Mon Feb 23 2004 Mike A. Harris 0.5.4-1
- Rewrote post install script to be a bit cleaner and rebuilt in rawhide to pick up twaugh's chown change
- Added 'srpm-x' target to Makefile for package maintainer SRPM building

* Mon Feb 23 2004 Tim Waugh
- Use ':' instead of '.' as separator for chown.

---------------------------------------------------------------------
This update can be downloaded from:

f7183d6339a8bdaa5b42a55b9bf1915a SRPMS/utempter-0.5.5-3.FC1.0.src.rpm
6d211a469244cd656fcff3464d00e3e0 i386/utempter-0.5.5-3.FC1.0.i386.rpm
86e078c46a04eceb0c5e05f6a428214d i386/debug/utempter-debuginfo-0.5.5-3.FC1.0.i386.rpm
f5946681eddc62e62296e64b29f176a8 x86_64/utempter-0.5.5-3.FC1.0.x86_64.rpm
fbd974095834794b31aa89aa50d14d90 x86_64/debug/utempter-debuginfo-0.5.5-3.FC1.0.x86_64.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

An update for utempter within Fedora addresses a potential symlink issue, enhancing the overall security of the system.

utempter Package, Directory Traversal Flaw, Fedora Update.

Severity: Important. LinuxSecurity.com Team
New utempter packages are available for Slackware 9.1 and -current to fix a security issue. (Slackware 9.1 was the first version of Slackware to use the libutempter library, and earlier versions of Slackware are not affected by this issue.)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  utempter security update (SSA:2004-110-01)

New utempter packages are available for Slackware 9.1 and -current to fix a security issue. (Slackware 9.1 was the first version of Slackware to use the libutempter library, and earlier versions of Slackware are not affected by this issue.)

The utempter package provides a utility and shared library that allows terminal applications such as xterm and screen to update /var/run/utmp and /var/log/wtmp without requiring root privileges. Steve Grubb has identified an issue with utempter-0.5.2 where under certain circumstances an attacker could cause it to overwrite files through a symlink. This has been addressed by upgrading the utempter package to use Dmitry V. Levin's new implementation of libutempter that does not have this bug.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

https://www.cve.org/CVERecord?id=CVE-CAN-2004-0233

Here are the details from the Slackware 9.1 ChangeLog:
+--------------------------+
Mon Apr 19 13:51:01 PDT 2004
patches/packages/utempter-1.1.1-i486-1.tgz: Upgraded to libutempter-1.1.1 (this is a new version written by Dmitry V. Levin of ALT Linux). This upgrade fixes a low-level security issue in utempter-0.5.2 where utempter could possibly be tricked into writing through a symlink, and is a cleaner implementation all-around.
For more details, see:
https://www.cve.org/CVERecord?id=CVE-CAN-2004-0233
(* Security fix *)
+--------------------------+

WHERE TO FIND THE NEW PACKAGE:
+-----------------------------+

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/utempter-1.1.1-i486-1.tgz

Updated package for Slackware -current:

MD5 SIGNATURES:
+-------------+

Slackware 9.1 package:
839cd39cb90f31253d5bc4c028c28fe1 utempter-1.1.1-i486-1.tgz

Slackware -current package:
97ce776901ca9b20ffe916228a487729 utempter-1.1.1-i486-1.tgz

INSTALLATION INSTRUCTIONS:
+------------------------+

Upgrade the package as root:
# upgradepkg utempter-1.1.1-i486-1.tgz

+-----+

Recently patched utempter packages for Slackware address a security flaw involving symlink vulnerabilities found in terminal software.

slackware update, utempter security, terminal vulnerabilities.

Severity: Low. LinuxSecurity.com Team
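Every advisory on this page ends with a Verification section that lists a digest beside each package name (MD5 sums in the Red Hat and Fedora notices, SHA1 sums in the Fedora Legacy notice, MD5 signatures in the Slackware notice) and tells the administrator to compare it with the output of md5sum or sha1sum before running rpm -Fvh or upgradepkg. The script below is an added example of doing that comparison for a whole listing at once; it is not part of any of the advisories or of the utempter project. It goes a little beyond the advisories by accepting either hash type, chosen from the length of the listed digest, and by reporting packages that are listed but were never downloaded. The listing and the two "packages" in the demo function are constructed for the demonstration, so their digests are not the ones printed above.

```sh
#!/bin/sh
# Added example (not from the advisories): check downloaded packages against a
# "HASH  PACKAGE" listing like the ones in the Verification sections above.

# Print the digest of FILE using the algorithm implied by the length of the
# reference hash WANT: 32 hex characters for MD5, 40 for SHA1.
digest_of() {
    file=$1; want=$2
    case ${#want} in
        32) algo=md5 ;;
        40) algo=sha1 ;;
        *)  echo "unsupported hash length ${#want}" >&2; return 2 ;;
    esac
    if command -v "${algo}sum" >/dev/null 2>&1; then
        "${algo}sum" "$file" | cut -d' ' -f1
    else
        # Fallback for systems without coreutils (e.g. BSD userlands).
        openssl "$algo" "$file" | sed 's/^.*= //'
    fi
}

# verify_listing LISTING DIR
#   LISTING: file with one "HASH PACKAGE" pair per line. Blank lines, the
#            "MD5 sum"/"SHA1 sum" header and "- ----"/"+----" separators are
#            skipped, so an advisory's Verification section can be pasted in.
#   DIR:     directory holding the downloaded packages; only the basename of
#            the listed path (e.g. 9/en/os/i386/foo.rpm) is looked up there.
# Returns 0 when every listed package that is present matches, 1 when any
# digest differs, and prints MISSING for packages that were not downloaded.
verify_listing() {
    listing=$1; dir=$2; status=0
    while read -r want name; do
        case $want in ''|-*|+*|MD5*|SHA1*) continue ;; esac
        base=$(basename "$name")
        if [ ! -f "$dir/$base" ]; then
            echo "MISSING   $base"
            continue
        fi
        got=$(digest_of "$dir/$base" "$want") || return 2
        if [ "$got" = "$want" ]; then
            echo "OK        $base"
        else
            echo "MISMATCH  $base (expected $want, got $got)"
            status=1
        fi
    done < "$listing"
    return $status
}

# Demonstration on constructed data: one intact package, one altered package
# and one package that was never downloaded. Exits 1 because of the mismatch.
demo() {
    tmp=$(mktemp -d)
    printf 'hello\n'    > "$tmp/utempter-demo.i386.rpm"
    printf 'tampered\n' > "$tmp/utempter-demo.src.rpm"
    cat > "$tmp/LISTING" <<'EOF'
MD5 sum                          Package Name
- --------------------------------------------------------------------------
b1946ac92492d2347c6235b4d2611184 9/en/os/i386/utempter-demo.i386.rpm
b1946ac92492d2347c6235b4d2611184 9/en/os/SRPMS/utempter-demo.src.rpm
b1946ac92492d2347c6235b4d2611184 9/en/os/i386/utempter-demo-debuginfo.i386.rpm
EOF
    verify_listing "$tmp/LISTING" "$tmp"; rc=$?
    rm -rf "$tmp"
    return $rc
}

if [ "${1:-}" = "--demo" ]; then demo; fi
```

Run it as `sh verify.sh --demo` to see the three outcomes, or paste a Verification section into a file and call `verify_listing LISTING /path/to/downloads` from a shell that has sourced the script. The digest check only proves that the download matches the advisory text; the advisories themselves point out that `rpm --checksig -v` against the vendor's GPG key is the stronger check, since a forged advisory could carry forged sums.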