[linux-security] esound bugs
- To: linux-security
- Subject: [linux-security] esound bugs
- Date: Tue, 10 Oct 2000 11:26:32 -0700 (PDT)
Problem description
===================
Esound, the sound daemon used for Gnome, creates a world-writable
directory, /tmp/.esd. This directory is owned by the user running esound,
and is used to store a socket which is used by programs connecting to the
sound server. During startup, this socket's permissions are adjusted. An
attacker on the system can theoretically create a symbolic link there, so
that the permission change is applied to the link's target, causing any
file or directory owned by the user running esound to be made
world-writable.
Solution
========
RedHat 6.x
    upgrade to version 0.2.20-0, i.e.,
        rpm -Fvh esound-0.2.20-0.i386.rpm esound-devel-0.2.20-0.i386.rpm

RedHat 7.0
    upgrade to version 0.2.20-1, i.e.,
        rpm -Fvh esound-0.2.20-1.i386.rpm esound-devel-0.2.20-1.i386.rpm

Debian
    not affected.

Mandrake 6.x, 7.x
    upgrade to version 0.2.17-3mdk, i.e.,
        rpm -Fvh esound-0.2.17-3mdk.i586.rpm esound-devel-0.2.17-3mdk.i586.rpm
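
The problem described above comes from adjusting permissions by pathname inside a directory that other users can write to. The following C code is an added example, not esound's code and not the fix shipped in the packages above: it creates the socket directory with mode 0700, rejects an existing directory that is a symlink, owned by another user, or group/world-writable, and lets the umask set the socket's mode at bind() time so no later chmod() is needed. All function names are assumptions made for the example.

```c
#define _DEFAULT_SOURCE           /* lstat(), S_ISSOCK under strict -std= */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* 0 if path is a real directory (lstat does not follow symlinks), owned by
 * the effective user, with no group/other write bit; -1 otherwise. */
int dir_is_private(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0) return -1;
    if (!S_ISDIR(st.st_mode)) return -1;        /* symlink or other type */
    if (st.st_uid != geteuid()) return -1;      /* someone else made it */
    if (st.st_mode & (S_IWGRP | S_IWOTH)) return -1;
    return 0;
}

/* Create dir as 0700, or accept an existing one only if it passes the check. */
int make_private_dir(const char *path)
{
    if (mkdir(path, 0700) != 0 && errno != EEXIST) return -1;
    return dir_is_private(path);
}

/* Bind a listening Unix socket at dir/name (hypothetical helper). The socket
 * file's mode comes from the umask in force at bind() time, so permissions
 * are never changed by pathname afterwards. Returns the fd, or -1. */
int bind_private_socket(const char *dir, const char *name)
{
    struct sockaddr_un sa;
    memset(&sa, 0, sizeof sa);
    sa.sun_family = AF_UNIX;
    int n = snprintf(sa.sun_path, sizeof sa.sun_path, "%s/%s", dir, name);
    if (n < 0 || (size_t)n >= sizeof sa.sun_path) return -1;
    if (make_private_dir(dir) != 0) return -1;
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    mode_t old = umask(0077);                   /* owner-only socket file */
    int rc = bind(fd, (struct sockaddr *)&sa, sizeof sa);
    umask(old);
    if (rc != 0 || listen(fd, 5) != 0) { close(fd); return -1; }
    return fd;
}
```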