Unix Shell Redirection Race Condition Vulnerability

Solution:
HP have released a security bulletin to address this issue in HP-UX. Customers who are affected by this issue are advised to apply appropriate patches as soon as possible. See referenced advisory for further detail regarding applying fixes. This bulletin has been revised to include fixes for HP-UX 11.04.

Sun has released an alert containing fixes to address this issue.

Sun has also released fixes for RaQ4, Qube3 and RaQXTR.

Various upgrades and patches have been made available:


Sun Cobalt RaQ4 Japanese RAID 3100R-ja

Sun Cobalt RaQ 4

RedHat bash-1.14.7-16.i386.rpm

RedHat bash-1.14.7-22.i386.rpm

Sun Solaris 8_sparc

Sun Solaris 2.5

Sun Cobalt Qube3 4000WG

Sun Cobalt Qube3 w/ Caching and RAID 4100WG

Sun Cobalt RaQ4 3001R

Sun Solaris 2.6

Sun Cobalt RaQ XTR 3500R

Sun Cobalt Qube3 Japanese w/ Caching and RAID 4100WGJ

RedHat bash-1.14.7-13.i386.rpm

Conectiva Linux graficas

Sun Cobalt RaQ XTR Japanese 3500R-ja

Sun Solaris 2.5_x86

Conectiva Linux ecommerce

Sun Cobalt Qube3 w/Caching 4010WG

Sun Solaris 2.6_x86

Sun Cobalt RaQ XTR

Sun Cobalt Qube3 Japanese 4000WGJ

Sun Cobalt Qube3 Japanese w/Caching 4010WGJ

Sun Solaris 7.0

Sun Cobalt Qube 3

Sun Solaris 7.0_x86

HP HP-UX 10.20

HP HP-UX 11.0 4

HP HP-UX 11.0

HP HP-UX 11.11

Caldera OpenLinux Desktop 2.3

SCO eServer 2.3

SCO eDesktop 2.4

Sun Solaris 2.5.1 _x86

FreeBSD FreeBSD 3.5.1

Conectiva Linux 4.0

Compaq Tru64 4.0 f

Conectiva Linux 4.0 es

Compaq Tru64 4.0 g

Compaq Tru64 4.0 d

Conectiva Linux 4.1

Conectiva Linux 4.2

FreeBSD FreeBSD 4.2

Conectiva Linux 5.0

FreeBSD FreeBSD 5.0

Compaq Tru64 5.0

Compaq Tru64 5.0 a

SCO Open Server 5.0

SCO Open Server 5.0.1

SCO Open Server 5.0.3

SCO Open Server 5.0.4

SCO Open Server 5.0.5

SCO Open Server 5.0.6 a

SCO Open Server 5.0.6

Compaq Tru64 5.1 a

Compaq Tru64 5.1

RedHat Linux 5.2 alpha

RedHat Linux 5.2 i386

RedHat Linux 6.0 alpha

RedHat Linux 6.0

Mandriva Linux Mandrake 6.0

RedHat Linux 6.1 sparc

RedHat Linux 6.1 alpha

RedHat Linux 6.1 i386

RedHat Linux 6.2 alpha

RedHat Linux 6.2 E alpha

RedHat Linux 6.2 i386

RedHat Linux 6.2 E i386

RedHat Linux 6.2 E sparc

Wirex Immunix OS 6.2

SGI IRIX 6.5

SGI IRIX 6.5.1

SGI IRIX 6.5.10

SGI IRIX 6.5.10 m

SGI IRIX 6.5.10 f

SGI IRIX 6.5.11

SGI IRIX 6.5.11 m

SGI IRIX 6.5.11 f

SGI IRIX 6.5.12 f

SGI IRIX 6.5.12 m

SGI IRIX 6.5.13 f

SGI IRIX 6.5.13 m

SGI IRIX 6.5.2

SGI IRIX 6.5.3

SGI IRIX 6.5.4

SGI IRIX 6.5.5

SGI IRIX 6.5.6

SGI IRIX 6.5.7

SGI IRIX 6.5.8

tcsh tcsh 6.7.2

tcsh tcsh 6.8 .00

tcsh tcsh 6.9 .00

Mandriva Linux Mandrake 7.1

Mandriva Linux Mandrake 7.2


 

Privacy Statement
Copyright 2010, SecurityFocus