Gnome Installer System Config-file Overwrite Vulnerability
BID:1596
Info
Gnome Installer System Config-file Overwrite Vulnerability
| Bugtraq ID: | 1596 |
| Class: | Race Condition Error |
| CVE: |
CVE-2000-0723 |
| Remote: | No |
| Local: | Yes |
| Published: | Aug 19 2000 12:00AM |
| Updated: | Jul 11 2009 02:56AM |
| Credit: | First posted to Bugtraq by Alan Cox <[email protected]> on August 19, 2000. |
| Vulnerable: |
Helix Code GNOME Installer 0.2 |
| Not Vulnerable: |
Helix Code GNOME Installer 0.6 |
Discussion
Gnome Installer System Config-file Overwrite Vulnerability
GNOME is a graphical user interface for X11 created by Helix Code. The installer, on Caldera eDesktop and S.u.S.E. linux systems use /tmp in an unsafe manner. It creates a directory in /tmp and stores temporary copies of system configuration files (/etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.d/rc.gui files on Caldera OpenLinux eDesktop 2.4 and /etc/rc.config on SuSE 6.3 and 6.4) there before writing them to their proper locations. If a malicious user has knowledge that the administrator is going to be executing gnome-installer, he/she can cause the installer to write blank configuration files to the system (by making the directory before gnome installer does). This will result in the system losing part of its configuration.
GNOME is a graphical user interface for X11 created by Helix Code. The installer, on Caldera eDesktop and S.u.S.E. linux systems use /tmp in an unsafe manner. It creates a directory in /tmp and stores temporary copies of system configuration files (/etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.d/rc.gui files on Caldera OpenLinux eDesktop 2.4 and /etc/rc.config on SuSE 6.3 and 6.4) there before writing them to their proper locations. If a malicious user has knowledge that the administrator is going to be executing gnome-installer, he/she can cause the installer to write blank configuration files to the system (by making the directory before gnome installer does). This will result in the system losing part of its configuration.
Exploit / POC
Gnome Installer System Config-file Overwrite Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Gnome Installer System Config-file Overwrite Vulnerability
Helix Code GNOME Installer 0.2
Helix Code GNOME Installer 0.2
-
Helix Code i386: installer-latest-intel.gz
http://spidermonkey.helixcode.com/installer-latest-intel.gz -
Helix Code Solaris (sparc u64): installer-latest-solaris.Z
http://spidermonkey.helixcode.com/installer-latest-solaris.Z -
Helix Code Linux PPC: installer-latest-ppc.gz
http://spidermonkey.helixcode.com/installer-latest-ppc.gz
References
Gnome Installer System Config-file Overwrite Vulnerability
References:
References: