Multiple Linux vendor imwheel Vulnerability
BID:1060
Info
Multiple Linux vendor imwheel Vulnerability
| Bugtraq ID: | 1060 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 13 2000 12:00AM |
| Updated: | Mar 13 2000 12:00AM |
| Credit: | This vulnerability was posted to the Bugtraq mailing list by Sebastian <[email protected]> on March 16, 2000. |
| Vulnerable: |
Redhat Linux 6.2 sparc Redhat Linux 6.2 i386 Redhat Linux 6.2 alpha Redhat Linux 6.1 sparc Redhat Linux 6.1 i386 Redhat Linux 6.1 alpha Halloween Linux 4.0 |
| Not Vulnerable: | |
Discussion
Multiple Linux vendor imwheel Vulnerability
A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string containing machine executable code, the imwheel program can be caused to run arbitrary commands as root. This is due to a setuid root perl script named 'imwheel-solo' which invokes the imwheel program with effective UID 0.
A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string containing machine executable code, the imwheel program can be caused to run arbitrary commands as root. This is due to a setuid root perl script named 'imwheel-solo' which invokes the imwheel program with effective UID 0.
Exploit / POC
Multiple Linux vendor imwheel Vulnerability
An exploit has been made available.
An exploit has been made available.
Solution / Fix
Multiple Linux vendor imwheel Vulnerability
Solution:
RedHat has made patches available for this problem.
Removal of the setuid wrapper script 'imwheel-solo' will eliminate this problem.
Redhat Linux 6.1 i386
Redhat Linux 6.1 sparc
Redhat Linux 6.1 alpha
Redhat Linux 6.2 sparc
Redhat Linux 6.2 i386
Redhat Linux 6.2 alpha
Solution:
RedHat has made patches available for this problem.
Removal of the setuid wrapper script 'imwheel-solo' will eliminate this problem.
Redhat Linux 6.1 i386
-
Red Hat Inc. 6.1 i386 imwheel-0.9.8-1.i386.rpm
ftp://updates.redhat.com/powertools/6.1/i386/imwheel-0.9.8-1.i386.rpm
Redhat Linux 6.1 sparc
-
Red Hat Inc. 6.1 sparc imwheel-0.9.8-1.sparc.rpm
ftp://updates.redhat.com/powertools/6.1/sparc/imwheel-0.9.8-1.sparc.rp m
Redhat Linux 6.1 alpha
-
Red Hat Inc. 6.1 alpha imwheel-0.9.8-1.alpha.rpm
imwheel-0.9.8-1.alpha.rpm
Redhat Linux 6.2 sparc
-
Red Hat Inc. 6.2 sparc imwheel-0.9.8-1.sparc.rpm
ftp://updates.redhat.com/powertools/6.2/sparc/imwheel-0.9.8-1.sparc.rp m
Redhat Linux 6.2 i386
-
Red Hat Inc. 6.2 i386 imwheel-0.9.8-1.i386.rpm
ftp://updates.redhat.com/powertools/6.2/i386/imwheel-0.9.8-1.i386.rpm
Redhat Linux 6.2 alpha
-
Red Hat Inc. 6.2 alpha imwheel-0.9.8-1.alpha.rpm
ftp://updates.redhat.com/powertools/6.2/alpha/imwheel-0.9.8-1.alpha.rp m