[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[linux-security] traceroute bugs



Problem Description
===================

There is a bug in the traceroute command that can possibly be used
by local users to obtain super user privilege.

There are no exploits available so far, but it is advisable to upgrade
nevertheless.

Workaround
==========

chmod 755 /usr/sbin/traceroute

(replace /usr/sbin with the directory where traceroute is installed, if at all)
I recommend this solution anyway. There is no reason for having traceroute
suid-root. This also secures you against any future exploits in against
traceroute.

Solution
========

RedHat
------
Every RedHat distribution below 7.0 is vulnerable. Since the traceroute
included with RH 7.0 is not affected you can use that rpm to patch
your RH 6.x distribution:
rpm -Fvh traceroute-1.4a5-23.i386.rpm
(the rpm can be found on sphinx.sfu.ca in /vol/vol1/distrib/redhat/RedHat/RPMS)

Mandrake
--------
Mandrake 6.x and 7.x are affected by this.
upgrade with
rpm -Fvh traceroute-1.4a5-12mdk.i586.rpm

Debian
------
version 1.4a5-2 (distributed with Potato) is affected.
version 1.4a5-3 (distributed with Woody) is safe

You can find a fixed version traceroute_1.4a5-3_i386.deb, e.g., at
ftp://ftp.ca.debian.org/debian/dists/potato-proposed-updates/

Slackware
---------
safe.