[linux-security] bash-1 symlink vulnerability
- To: linux-security
- Subject: [linux-security] bash-1 symlink vulnerability
- Date: Mon, 11 Dec 2000 15:10:19 -0800 (PST)
Topic
=====
Symlink vulnerability in bash 1.x
Problem Description
===================
The << (here-document) operator in bash 1.x uses predictable filenames for its
temporary file, leading to a potential denial of service attack.
Affected Systems
================
All systems that use bash-1.
Not Affected
============
RedHat 7.0 (uses bash-2).
Workaround
==========
I'm using bash-2. In order to do that you must first install it (e.g., for
RedHat 6.x: rpm -Uvh bash2-2.03-8.i386.rpm bash2-doc-2.03-8.i386.rpm) and then
tell the system to use bash2 instead of bash:
    cd /bin
    mv bash bash-1.14.7; ln -s bash2 bash
Solution
========
RedHat 6.x
    rpm -Fvh bash-1.14.7-23.6x.i386.rpm

Mandrake 6.x, 7.0
    rpm -Fvh bash1-1.14.7-19.1mdk.i586.rpm

Mandrake 7.1
    rpm -Fvh bash1-1.14.7-21.1mdk.i586.rpm

Mandrake 7.2
    rpm -Fvh bash1-1.14.7-24.1mdk.i586.rpm

Caldera
    rpm -Fvh bash-1.14.7-14.i386.rpm
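
The problem description above comes down to how a temporary file is opened. The following C sketch is an added example, not bash source code and not part of the original advisory; it contrasts opening a guessable name without O_EXCL against O_EXCL and mkstemp(). The function names, the scratch directory and the t<pid>-sh name pattern are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak: fixed, guessable path opened without O_EXCL. open() follows a
 * symlink that already sits at `path`, and O_TRUNC empties its target. */
int open_predictable(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: O_CREAT|O_EXCL fails with EEXIST if anything, including a
 * symlink (dangling or not), already exists at `path`. */
int open_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Preferred: mkstemp() replaces XXXXXX with random characters and
 * creates the file exclusively with mode 0600. */
int open_random(char *tmpl) { return mkstemp(tmpl); }

/* Inside a private scratch directory, place a symlink at a guessable name
 * (constructed: t<pid>-sh) pointing at a 15-byte file, open that name with
 * `opener`, and return the target's size afterwards (-1 on setup failure). */
long target_size_after(int (*opener)(const char *)) {
    char dir[] = "/tmp/heredoc-demo-XXXXXX", target[64], name[64];
    struct stat st;
    long size = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(name, sizeof name, "%s/t%d-sh", dir, (int)getpid());
    FILE *f = fopen(target, "w");
    if (f && fputs("important data\n", f) >= 0 && fclose(f) == 0 &&
        symlink(target, name) == 0) {
        int fd = opener(name);
        if (fd >= 0) close(fd);
        if (stat(target, &st) == 0) size = (long)st.st_size;
    }
    unlink(name); unlink(target); rmdir(dir);
    return size;
}

int main(void) {
    printf("predictable name: target is %ld bytes\n", target_size_after(open_predictable));
    printf("O_EXCL:           target is %ld bytes\n", target_size_after(open_exclusive));
    return 0;
}
```

With the predictable open the target file ends up empty; with O_EXCL the open is refused and the target keeps its contents.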