To: bugtraq@securityfocus.com announce@lists.caldera.com
security-alerts@linuxsecurity.com

______________________________________________________________________________

                Caldera International, Inc.  Security Advisory

Subject:                Linux: rsync supplementary groups vulnerability
Advisory number:        CSSA-2002-014.0
Issue date:             2002, April 03
Cross reference:
______________________________________________________________________________


1. Problem Description

        Supplementary groups to which the rsync daemon belongs (such as
        root) were not removed from the server process before it performed
        work as an unprivileged uid and gid. The rsync daemon was also
        compiled with a vulnerable version of the zlib library. This
        package corrects both these issues.


2. Vulnerable Supported Versions

        System                          Package
        -----------------------------------------------------------

        OpenLinux 3.1.1 Server          prior to rsync-2.5.0-5.i386.rpm
                                        prior to rsync-2.5.0-5.src.rpm

        OpenLinux 3.1.1 Workstation     prior to rsync-2.5.0-5.i386.rpm
                                        prior to rsync-2.5.0-5.src.rpm


3. Solution

        The proper solution is to install the latest packages.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS

        2c8f978df12dabf073361c86f7012210        rsync-2.5.0-5.i386.rpm

        4.2 Installation

        Install the packages with the following sequence:
                
                rpm -Fvh \
                        rsync-2.5.0-5.i386.rpm
                
        4.3 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS

        bffd618c0ad88252b35c33ac821253ad        rsync-2.5.0-5.src.rpm


5. OpenLinux 3.1.1 Workstation

        5.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS

        2c8f978df12dabf073361c86f7012210        rsync-2.5.0-5.i386.rpm

        5.2 Installation

        Install the packages with the following sequence:
                
                rpm -Fvh \
                        rsync-2.5.0-5.i386.rpm
                
        5.3 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS

        bffd618c0ad88252b35c33ac821253ad        rsync-2.5.0-5.src.rpm


6. References

        Specific references for this advisory:
                none


        Caldera OpenLinux security resources:
                http://www.caldera.com/support/security/index.html

        Caldera UNIX security resources:
                http://stage.caldera.com/support/security/

        This security fix closes Caldera incidents sr862089, fz520415,
        and erg711995.


7. Disclaimer

        Caldera International, Inc. is not responsible for the misuse
        of any of the information we provide on this website and/or
        through our security advisories. Our advisories are a service
        to our customers intended to promote secure installation and
        use of Caldera products.


8. Acknowledgements

        Ethan Benson discovered and researched this vulnerability.