• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

GNU LibTool Local Insecure Temporary Directory Creation Vulnerability

Solution:
It has been reported that this issue has been resolved in version 1.5.2 of libtool. This has not been confirmed by the maintainer or Symantec.

Conectiva has released an advisory CLA-2004:811 with fixes to address this issue. Please see the referenced advisory for more information.

OpenPKG advisory OpenPKG-SA-2004.004 was released to address this issue. Please refer to this advisory for details for obtaining and applying fixes.

Red Hat Fedora Legacy has released advisory FLSA:1268 dealing with this issue for Red Hat Linux 8.0, 7.3 and 7.2. Please see the referenced advisory for more information.


GNU libtool 1.4

• Fedora libtool-1.4-9.legacy.i386.rpm
  http://download.fedoralegacy.org/redhat/7.2/updates/i386/libtool-1.4-9 .legacy.i386.rpm


• Fedora libtool-libs-1.4-9.legacy.i386.rpm
  http://download.fedoralegacy.org/redhat/7.2/updates/i386/libtool-libs- 1.4-9.legacy.i386.rpm

GNU libtool 1.4.2

• Conectiva libtool-1.4.2-4U80_2cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/8/RPMS/libtool-1.4.2-4U80_2cl.i386 .rpm


• Fedora libtool-1.4.2-13.legacy.i386.rpm
  http://download.fedoralegacy.org/redhat/7.3/updates/i386/libtool-1.4.2 -13.legacy.i386.rpm


• Fedora libtool-1.4.2-14.legacy.i386.rpm
  http://download.fedoralegacy.org/redhat/8.0/updates/i386/libtool-1.4.2 -14.legacy.i386.rpm


• Fedora libtool-libs-1.4.2-13.legacy.i386.rpm
  http://download.fedoralegacy.org/redhat/7.3/updates/i386/libtool-libs- 1.4.2-13.legacy.i386.rpm


• Fedora libtool-libs-1.4.2-14.legacy.i386.rpm
  http://download.fedoralegacy.org/redhat/8.0/updates/i386/libtool-libs- 1.4.2-14.legacy.i386.rpm

GNU libtool 1.4.3

• Conectiva libtool-1.4.3-21152U90_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/9/RPMS/libtool-1.4.3-21152U90_1cl. i386.rpm

GNU libtool 1.5

• OpenPKG libtool-1.5-1.3.1.src.rpm
  ftp://ftp.openpkg.org/release/1.3/UPD/libtool-1.5-1.3.1.src.rpm


• OpenPKG libtool-1.5.2-2.0.1.src.rpm
  ftp://ftp.openpkg.org/release/2.0/UPD/libtool-1.5.2-2.0.1.src.rpm