
CIAC L-076 - Red Hat ptrace exec race condition




             __________________________________________________________

                       The U.S. Department of Energy
                     Computer Incident Advisory Center
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
             __________________________________________________________

                             INFORMATION BULLETIN

                    Red Hat Ptrace and Exec Race Conditions
                  [Red Hat Security Advisory RHSA-2001:047-03]

April 20, 2001 18:00 GMT                                          Number L-076
______________________________________________________________________________
PROBLEM:       A race condition exists in ptrace, exec, and other suid 
               utilities that can result in a local denial of service or local 
               root compromise. 
PLATFORM:      Red Hat Linux 6.2 and 7.0 
DAMAGE:        A malicious local user could cause a denial of service or could 
               gain root access. 
SOLUTION:      Upgrade the Linux kernel to 2.2.19 as described in Red Hat 
               Security Advisory RHSA-2001:047-03. 
______________________________________________________________________________
VULNERABILITY  The risk is MEDIUM. An intruder must already have local access 
ASSESSMENT:    to a system to exercise these vulnerabilities. 
______________________________________________________________________________

   [***** Start Red Hat Bulletin *****]

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Linux kernel 2.2.19 now available, provides security fixes,
                   enhancements
Advisory ID:       RHSA-2001:047-03
Issue date:        2001-04-10
Updated on:        2001-04-10
Product:           Red Hat Linux
Keywords:          kernel 2.2.19 nfs e100 ptrace sysctl exec
Cross references:  
Obsoletes:         RHSA-2001:013
---------------------------------------------------------------------

1. Topic:

A local denial of service attack and root compromise of the kernel have
been corrected, drivers have been updated, and NFS version 3 has been
integrated.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - alpha, i386, i586, i686, sparc, sparc64

Red Hat Linux 7.0 - alpha, i386, i586, i686

3. Problem description:

All Linux kernels prior to version 2.2.19 include possibilities for local
denial of service or root exploits by exercising race conditions between
the ptrace, exec, and/or suid system calls.  Additionally, the sysctl
system call included programming errors allowing a user to write to kernel
memory.  The 2.2.19 kernel fixes these problems.

Minor potential problems in the virtual memory and signal delivery
subsystems are also corrected.

Many drivers have been updated since the release of 2.2.17, our last
official kernel release, including but not limited to: 3c59x, AGP, CS46xx,
DAC960, EMU10K, Maestro 3, NE2000/PCI, Tulip, and various USB devices.  The
missing Intel E100 driver is now included.  A hang while booting on some
computers due to inadvertent inclusion of a Toshiba driver has been fixed.

Finally, support for NFS version 3 has been included, which has much
improved performance characteristics compared to earlier versions.  In
order to support this, new versions of nfs-utils and mount are required.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

The procedure for upgrading the kernel is documented at:
      
http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.
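
To find hosts that still need this upgrade, the following added example (not part of the Red Hat or CIAC bulletin) classifies kernel release strings against the 2.2.19 fix level. The function names and the sample inventory are constructed for illustration; later kernel series are reported as NOT_COVERED because this advisory does not address them.

```shell
#!/bin/sh
# Added example (not from the advisory): classify kernel releases against the
# 2.2.19 fix level. Function names and the inventory below are constructed.

# classify_release RELEASE
#   prints VULNERABLE  - older than 2.2.19 (affected per the advisory)
#          FIXED       - 2.2.x at or above 2.2.19
#          NOT_COVERED - a later series the advisory says nothing about
#          UNPARSEABLE - not an N.N.N[-suffix] string
classify_release() {
    ver=${1%%-*}                      # "2.2.17-14smp" -> "2.2.17"
    case $ver in
        ''|*[!0-9.]*|.*|*.|*..*) echo UNPARSEABLE; return 0 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ver                       # split into major minor patch
    IFS=$old_ifs
    if [ "$#" -ne 3 ]; then echo UNPARSEABLE; return 0; fi
    major=$1 minor=$2 patch=$3

    if [ "$major" -lt 2 ] ||
       { [ "$major" -eq 2 ] && [ "$minor" -lt 2 ]; } ||
       { [ "$major" -eq 2 ] && [ "$minor" -eq 2 ] && [ "$patch" -lt 19 ]; }
    then
        echo VULNERABLE
    elif [ "$major" -eq 2 ] && [ "$minor" -eq 2 ]; then
        echo FIXED
    else
        echo NOT_COVERED
    fi
}

# audit_inventory: reads "host release" lines on stdin and prints every host
# that is not confirmed FIXED, one "host release status" per line.
audit_inventory() {
    while read -r host release; do
        [ -n "$host" ] || continue
        status=$(classify_release "$release")
        [ "$status" = FIXED ] || echo "$host $release $status"
    done
}

# Constructed sample inventory (for example, `uname -r` collected per host).
sample_inventory() {
cat <<'EOF'
web1 2.2.17-14
web2 2.2.19-6.2.1
db1 2.2.16-22smp
build1 2.4.2-2
old1 2.0.38
EOF
}

sample_inventory | audit_inventory
```

Run on the sample data, only web2 is omitted from the report; build1 is listed as NOT_COVERED so that it is reviewed against its own series' errata rather than assumed safe.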

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

34594 - ptrace/execve race condition still exists in kernel-2.2.17-14
34058 - ptrace race fixed in 2.2.17-14?
29947 - module e100 does not compile with kernel-source-2.2.17-14
29558 - Real Time Clock Driver v1.09
28881 - Updates to 2.2.17-14 provided, but no headers
27140 - ptrace bug is not fixed in kernel-2.2.17-14.i386.rpm
26993 - kernel 2.2.17-14 stalls at 'real time clock' until keypress
26985 - e100 driver in kernel 2.2.17-14
26809 - kernel-headers rpm is in newest kernel errata
18868 - Kernel-headers package un-buildable in kernel-2.2.16-22

6. RPMs required:

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/nfs-utils-0.3.1-0.6.x.src.rpm
ftp://updates.redhat.com/6.2/en/os/SRPMS/mount-2.10r-0.6.x.src.rpm
ftp://updates.redhat.com/6.2/en/os/SRPMS/kernel-2.2.19-6.2.1.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/nfs-utils-0.3.1-0.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/mount-2.10r-0.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/losetup-2.10r-0.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/kernel-2.2.19-6.2.1.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/kernel-BOOT-2.2.19-6.2.1.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/kernel-doc-2.2.19-6.2.1.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/kernel-headers-2.2.19-6.2.1.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/kernel-smp-2.2.19-6.2.1.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/kernel-source-2.2.19-6.2.1.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/kernel-utils-2.2.19-6.2.1.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/kernel-enterprise-2.2.19-6.2.1.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/nfs-utils-0.3.1-0.6.x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/mount-2.10r-0.6.x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/losetup-2.10r-0.6.x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-2.2.19-6.2.1.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-BOOT-2.2.19-6.2.1.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-doc-2.2.19-6.2.1.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-headers-2.2.19-6.2.1.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-ibcs-2.2.19-6.2.1.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-pcmcia-cs-2.2.19-6.2.1.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-smp-2.2.19-6.2.1.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-source-2.2.19-6.2.1.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-utils-2.2.19-6.2.1.i386.rpm

i586:
ftp://updates.redhat.com/6.2/en/os/i586/kernel-2.2.19-6.2.1.i586.rpm
ftp://updates.redhat.com/6.2/en/os/i586/kernel-smp-2.2.19-6.2.1.i586.rpm

i686:
ftp://updates.redhat.com/6.2/en/os/i686/kernel-2.2.19-6.2.1.i686.rpm
ftp://updates.redhat.com/6.2/en/os/i686/kernel-smp-2.2.19-6.2.1.i686.rpm
ftp://updates.redhat.com/6.2/en/os/i686/kernel-enterprise-2.2.19-6.2.1.i686.rpm

sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/nfs-utils-0.3.1-0.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/mount-2.10r-0.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/losetup-2.10r-0.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/kernel-2.2.19-6.2.1.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/kernel-BOOT-2.2.19-6.2.1.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/kernel-doc-2.2.19-6.2.1.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/kernel-headers-2.2.19-6.2.1.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/kernel-smp-2.2.19-6.2.1.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/kernel-source-2.2.19-6.2.1.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/kernel-utils-2.2.19-6.2.1.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/kernel-enterprise-2.2.19-6.2.1.sparc.rpm

sparc64:
ftp://updates.redhat.com/6.2/en/os/sparc64/kernel-2.2.19-6.2.1.sparc64.rpm
ftp://updates.redhat.com/6.2/en/os/sparc64/kernel-BOOT-2.2.19-6.2.1.sparc64.rpm
ftp://updates.redhat.com/6.2/en/os/sparc64/kernel-smp-2.2.19-6.2.1.sparc64.rpm
ftp://updates.redhat.com/6.2/en/os/sparc64/kernel-enterprise-2.2.19-6.2.1.sparc64.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/nfs-utils-0.3.1-6.src.rpm
ftp://updates.redhat.com/7.0/en/os/SRPMS/mount-2.10r-5.src.rpm
ftp://updates.redhat.com/7.0/en/os/SRPMS/kernel-2.2.19-7.0.1.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/nfs-utils-0.3.1-6.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/mount-2.10r-5.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/losetup-2.10r-5.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/kernel-2.2.19-7.0.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/kernel-BOOT-2.2.19-7.0.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/kernel-doc-2.2.19-7.0.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/kernel-smp-2.2.19-7.0.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/kernel-utils-2.2.19-7.0.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/kernel-enterprise-2.2.19-7.0.1.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/nfs-utils-0.3.1-6.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/mount-2.10r-5.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/losetup-2.10r-5.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-2.2.19-7.0.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-BOOT-2.2.19-7.0.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-doc-2.2.19-7.0.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-ibcs-2.2.19-7.0.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-pcmcia-cs-2.2.19-7.0.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-smp-2.2.19-7.0.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-utils-2.2.19-7.0.1.i386.rpm

i586:
ftp://updates.redhat.com/7.0/en/os/i586/kernel-2.2.19-7.0.1.i586.rpm
ftp://updates.redhat.com/7.0/en/os/i586/kernel-smp-2.2.19-7.0.1.i586.rpm

i686:
ftp://updates.redhat.com/7.0/en/os/i686/kernel-2.2.19-7.0.1.i686.rpm
ftp://updates.redhat.com/7.0/en/os/i686/kernel-smp-2.2.19-7.0.1.i686.rpm
ftp://updates.redhat.com/7.0/en/os/i686/kernel-enterprise-2.2.19-7.0.1.i686.rpm



7. Verification:

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
    http://www.redhat.com/corp/contact.html

You can verify each package with the following command:
    rpm --checksig  <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg <filename>

8. References:

http://www.linux.org.uk/VERSION/relnotes.2219.html


Copyright(c) 2000, 2001 Red Hat, Inc.

  [***** End Red Hat Bulletin *****]

______________________________________________________________________________

CIAC wishes to acknowledge the contributions of Red Hat for the 
information contained in this bulletin.
______________________________________________________________________________


CIAC, the Computer Incident Advisory Capability, is the computer
security incident response team for the U.S. Department of Energy
(DOE) and the emergency backup response team for the National
Institutes of Health (NIH). CIAC is located at the Lawrence Livermore
National Laboratory in Livermore, California. CIAC is also a founding
member of FIRST, the Forum of Incident Response and Security Teams, a
global organization established to foster cooperation and coordination
among computer security teams worldwide.

CIAC services are available to DOE, DOE contractors, and the NIH. CIAC
can be contacted at:
    Voice:    +1 925-422-8193 (7x24)
    FAX:      +1 925-423-8002
    STU-III:  +1 925-423-2604
    E-mail:   ciac@ciac.org

Previous CIAC notices, anti-virus software, and other information are
available from the CIAC Computer Security Archive.

   World Wide Web:      http://www.ciac.org/
                        (or http://ciac.llnl.gov -- they're the same machine)
   Anonymous FTP:       ftp.ciac.org
                        (or ciac.llnl.gov -- they're the same machine)

PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
communities receive CIAC bulletins.  If you are not part of these
communities, please contact your agency's response team to report
incidents. Your agency's team will coordinate with CIAC. The Forum of
Incident Response and Security Teams (FIRST) is a world-wide
organization. A list of FIRST member organizations and their
constituencies can be obtained via WWW at http://www.first.org/.

This document was prepared as an account of work sponsored by an
agency of the United States Government. Neither the United States
Government nor the University of California nor any of their
employees, makes any warranty, express or implied, or assumes any
legal liability or responsibility for the accuracy, completeness, or
usefulness of any information, apparatus, product, or process
disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products,
process, or service by trade name, trademark, manufacturer, or
otherwise, does not necessarily constitute or imply its endorsement,
recommendation or favoring by the United States Government or the
University of California. The views and opinions of authors expressed
herein do not necessarily state or reflect those of the United States
Government or the University of California, and shall not be used for
advertising or product endorsement purposes.

LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)

L-067: Linux worm Adore
L-068: Cisco VPN3000 Concentrator TELNET Vulnerability
L-069: Cisco Content Services Switch User Account Vulnerability
L-070: FTP Filename Expansion Vulnerability
L-071: Various Vendors' Network Time Protocol (NTP) Vulnerability
L-072: Cisco Catalyst 5000 Series 802.1x Vulnerability
L-073: Microsoft ISA Web Proxy Service Denial of Service
L-074: Microsoft WebDAV Runs Scripts As User
L-075: FreeBSD IPFilter May Incorrectly Pass Packets



