The Nirvana Editor, NEdit, is a GUI-style text editor based on popular Macintosh and MS Windows editors. When printing a whole text or selected parts of a text, nedit(1) creates a temporary file in an insecure manner. This behavior could be exploited to gain access to other users privileges, even root.
|
|
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: nedit
Announcement-ID: SuSE-SA:2001:14
Date: Wednesday, April 18th, 2001 13.06 MEST
Affected SuSE versions: [6.1, 6.2] 6.3, 6.4, 7.0, 7.1
Vulnerability Type: locoal privilege escalation
Severity (1-10): 3
SuSE default package: no
Other affected systems: all systems using nedit
Content of this advisory:
1) security vulnerability resolved: nedit
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The Nirvana Editor, NEdit, is a GUI-style text editor based on popular
Macintosh and MS Windows editors.
When printing a whole text or selected parts of a text, nedit(1) creates
a temporary file in an insecure manner. This behavior could be exploited
to gain access to other users privileges, even root.
There is no workaround possible, because tmpnam(3) ignores the TMPDIR
environment variable. Just install the new RPM to fix this problem.
Download the update package from locations described below and install
the package with the command `rpm -Uhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
i386 Intel Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/xap2/nedit-5.1.1-151.i386.rpm
07efdf2fa5c475fcf40633d392d4ae1d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/nedit-5.1.1-151.src.rpm
27e52c3688082257d7f7ecf81c461ad9
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/xap1/nedit-5.1.1-151.i386.rpm
b9846658b0f9c8330b8f9c5732b9e115
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/nedit-5.1.1-151.src.rpm
d2dc1c39dbad292326f953e1e84fe187
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/xap1/nedit-5.0.2-207.i386.rpm
c5c6eebe946463926583272690ca4d27
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/nedit-5.0.2-207.src.rpm
0a486fa81f4b84ab6f09bd5353b0fd4d
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/xap1/nedit-5.0.2-208.i386.rpm
e1e0baeca49ce972df89a5bb5ebfc6c2
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/nedit-5.0.2-208.src.rpm
9a3328dc8fb8a4da343be20c10cb0c02
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/xap2/nedit-5.1.1-135.sparc.rpm
2370e09571b1037270d34afb555cc408
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/nedit-5.1.1-135.src.rpm
0ac1364f6b97d503444e6fcb4a0b20df
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/xap1/nedit-5.1.1-134.sparc.rpm
a60e8f47d4ac4794f7ee472ef1d7ccb4
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/nedit-5.1.1-134.src.rpm
96c96dda6b1ba8b91bebbf3f1a9a56c6
AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/xap1/nedit-5.0.2-207.alpha.rpm
cde274f25bec040ae289ef0fb8520b7e
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/nedit-5.0.2-207.src.rpm
4cdff5d4836bf4f926298bb3b3a1c513
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/xap1/nedit-5.0.2-207.alpha.rpm
fc7fc98267dc76ceec30633068d72533
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/nedit-5.0.2-207.src.rpm
fc3ddc09f7c3383b01721e6462f77748
PPC PowerPC Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/xap2/nedit-5.1.1-122.ppc.rpm
1f413b9e77263ec37d0e42dde6cb55d1
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/nedit-5.1.1-122.src.rpm
403bcf64a6ba2824899316e3bd8ea41d
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/xap1/nedit-5.1.1-122.ppc.rpm
e771c3bcd7cbc0121a527089ad40a336
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/nedit-5.1.1-122.src.rpm
f45e0786fefb5c92fbd61e8c4a36ab32
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/xap1/nedit-5.0.2-146.ppc.rpm
7dcb7bf1110311063daac06df1f7cccb
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/nedit-5.0.2-146.src.rpm
5f1d6da7f268b8c10f7ea8a4f7a1fab5
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- New RPMs for HylaFax, a Fax Server, are currently being build, which
fix a format bug in hfaxd, which could lead to local root privilege.
- Updated man RPMs will be available in a few days.
- In the past weeks, some security related bugs in the Linux kernel 2.2
and 2.4 were found. An announcement, that addresses this will be
released this week.
- Samba has serveral security problems, which could lead to local root
access. Samba 2.0.8 fixes these problems. New RPMs are currently being
build.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security@suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe@suse.com>.
suse-security-announce@suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe@suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info@suse.com> or
<suse-security-faq@suse.com> respectively.
===============================================
SuSE's security contact is <security@suse.com>.
===============================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBOt6v6ney5gA9JdPZAQHoGQf+OVNf/4uNC9GXtDVBXrnp1suvSsnIpWHn
fGsE55QqJhTYUfGSHbyELa3uPZ9gsQnHGpyKG1wMwGKbFRPKtF870cPRY5Q6s0zK
XNA+FNLkMcyAHiw9McUkWQ8W786uiyP3PEGLNpLmKuI6acVd6drFsSqLf0MwRHNb
fHmcJl29b1mk7cuUNuqfQ2Sr9bxnwVc03hTOsWZNYbrIqDoq8WsfUvs+drKfGEZy
tPuo5McI8EL60SdO787+iMuUB759i86LzF+NK4fu7KWx31vx9ebRY5IpZh/mFfI5
Wq/C00KCI9gl0UO80Zhj6aQIc94VhwemrlM7uV0ICHWJwLHMt6fWUQ==
=bQUE
-----END PGP SIGNATURE-----
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas@suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 84 |