Vulnerability

periodic

Affected

FreeBSD 4.1-STABLE after 2000-09-20, 4.1.1-RELEASE, and 4.1.1-STABLE prior to 2000-11-11

Description

David Lary found the following. periodic is a program to run periodic system functions. A vulnerability was inadvertently introduced into periodic that caused temporary files with insecure file names to be used in the system's temporary directory. This may allow a malicious local user to cause arbitrary files on the system to be corrupted.

By default, periodic is normally called by cron for daily, weekly, and monthly maintenance. Because these scripts run as root, an attacker may potentially corrupt any file on the system.

FreeBSD 4.1-STABLE after 2000-09-20, 4.1.1-RELEASE, and 4.1.1-STABLE prior to the correction date are vulnerable. The problem was corrected prior to the release of FreeBSD 4.2.

Malicious local users can cause arbitrary files on the system to be corrupted.

Solution

Do not allow periodic to be used in untrusted multi-user environments. Disable the normal periodic system maintenance scripts by either commenting out or removing the periodic entries in /etc/crontab.

Patch: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:12/periodic.patch
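The class of problem described above, a predictable temporary file name in a shared directory, shown beside the hardened pattern as an added shell example. It is not periodic's code or the FreeBSD patch; the function names and the "report" prefix are hypothetical.

```shell
#!/bin/sh
# Added illustration of the bug class; not periodic's code or the FreeBSD patch.
# Function names and the "report" prefix are hypothetical.

# Weak pattern: a fixed prefix plus the PID gives a name any local user can
# predict, and a plain redirection reuses whatever already sits at that path.
predictable_name() {
    printf '%s/report.%s\n' "$1" "$$"
}

# Hardened: mktemp(1) picks a random suffix and creates the file itself,
# failing rather than reusing an existing path. umask 077 keeps it private.
safe_tmp() {
    ( umask 077; mktemp "$1/report.XXXXXXXXXX" )
}

# Fallback when a fixed name is unavoidable: with noclobber (set -C) the
# shell refuses the redirection if a file already exists at that path.
exclusive_create() {
    ( set -C; umask 077; : > "$1" ) 2>/dev/null
}

# Constructed demo, run inside a private scratch directory.
demo() {
    dir=$(mktemp -d) || return 1
    a=$(safe_tmp "$dir") && b=$(safe_tmp "$dir") || return 1
    echo "predictable: $(predictable_name "$dir") (same on every call)"
    echo "mktemp:      $a"
    echo "mktemp:      $b"
    exclusive_create "$a" || echo "exclusive_create refused existing $a"
    rm -rf "$dir"
}
demo
```

A script that runs as root from cron should create its scratch files with the `safe_tmp` pattern and remove them on exit.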