Tmpwatch Recursive Write DoS Vulnerability

Solution:
Workaround: disable tmpwatch by removing execute permission from its cron job and binary:
# chmod 400 /etc/cron.daily/tmpwatch
# chmod 400 /usr/sbin/tmpwatch

slocate also segfaults on that directory.

$ ./a
to delete all the ./A/A/A/A/..... directories you own.

Red Hat:

Red Hat Linux 6.2:

alpha:
ftp://updates.redhat.com/6.2/alpha/tmpwatch-2.6.2-1.6.2.alpha.rpm

sparc:
ftp://updates.redhat.com/6.2/sparc/tmpwatch-2.6.2-1.6.2.sparc.rpm

i386:
ftp://updates.redhat.com/6.2/i386/tmpwatch-2.6.2-1.6.2.i386.rpm

sources:
ftp://updates.redhat.com/6.2/SRPMS/tmpwatch-2.6.2-1.6.2.src.rpm

Red Hat Linux 7.0:

i386:
ftp://updates.redhat.com/7.0/i386/tmpwatch-2.6.2-1.7.i386.rpm

sources:
ftp://updates.redhat.com/7.0/SRPMS/tmpwatch-2.6.2-1.7.src.rpm

Trustix Secure Linux:

All users of TSL should upgrade to the new rpm:

tmpwatch-2.6.2-1tr.i586.rpm (MD5sum: 3200b3812bfe6e87f326e240fed0686a)

http://www.trustix.net/download/Trustix/updates/1.1/RPMS/

or

ftp://ftp.trustix.com/pub/Trustix/updates/1.1/RPMS/

Mandrake:

Linux-Mandrake 6.0:
d6e7442f4c3a9af30e9158e7ae9ecf72 6.0/RPMS/tmpwatch-2.6.2-1mdk.i586.rpm
93541933fc92134a4954db3decbe2b31 6.0/SRPMS/tmpwatch-2.6.2-1mdk.src.rpm

Linux-Mandrake 6.1:
04b86f78b1bf908219c5ddc94767c7a8 6.1/RPMS/tmpwatch-2.6.2-1mdk.i586.rpm
93541933fc92134a4954db3decbe2b31 6.1/SRPMS/tmpwatch-2.6.2-1mdk.src.rpm

Linux-Mandrake 7.0:
07267b2907b9e9454a967c4323b17f17 7.0/RPMS/tmpwatch-2.6.2-1mdk.i586.rpm
93541933fc92134a4954db3decbe2b31 7.0/SRPMS/tmpwatch-2.6.2-1mdk.src.rpm

Linux-Mandrake 7.1:
04e2717f14f0b4f8f991ea9cc0926b2e 7.1/RPMS/tmpwatch-2.6.2-1mdk.i586.rpm
93541933fc92134a4954db3decbe2b31 7.1/SRPMS/tmpwatch-2.6.2-1mdk.src.rpm

Immunix:

Packages for this update for Immunix OS 6.2 (StackGuarded versions of the Red Hat packages) can be found at:

http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/tmpwatch-2.6.2-1.6.2_StackGuard.i386.rpm

or

http://www.immunix.org:8080/ImmunixOS/6.2/updates/SRPMS/tmpwatch-2.6.2-1.6.2_StackGuard.src.rpm



 

Copyright 2010, SecurityFocus