===================================================================== CERT-Renater Note d'Information No. 2005/VULN384 _____________________________________________________________________ DATE : 16/06/2005 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running rsh. ====================================================================== _______________________________________________________________________ Mandriva Linux Security Update Advisory _______________________________________________________________________ Package name: rsh Advisory ID: MDKSA-2005:100 Date: June 14th, 2005 Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Corporate Server 2.1 ______________________________________________________________________ Problem Description: A vulnerability in the rcp protocol was discovered that allows a server to instruct a client to write arbitrary files outside of the current directory, which could potentially be a security concern if a user used rcp to copy files from a malicious server. The updated packages have been patched to correct this problem. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0175 ______________________________________________________________________ Updated Packages: Mandrakelinux 10.0: 5e6f513e437cc9a5a619f323509ca58a 10.0/RPMS/rsh-0.17-13.1.100mdk.i586.rpm aec49c478c37577b6fd795bd9bb4ba67 10.0/RPMS/rsh-server-0.17-13.1.100mdk.i586.rpm 259dcd458b33d1de12d172e876366165 10.0/SRPMS/rsh-0.17-13.1.100mdk.src.rpm Mandrakelinux 10.0/AMD64: fd2d00b91971f0b137696c0ca256b94a amd64/10.0/RPMS/rsh-0.17-13.1.100mdk.amd64.rpm 81fffa62d628599cee1f7b590ae4c38e amd64/10.0/RPMS/rsh-server-0.17-13.1.100mdk.amd64.rpm 259dcd458b33d1de12d172e876366165 amd64/10.0/SRPMS/rsh-0.17-13.1.100mdk.src.rpm Mandrakelinux 10.1: de740985b0e213128f8639e3af831b5e 10.1/RPMS/rsh-0.17-13.1.101mdk.i586.rpm ff6873ae461a9a12e6a2aeee30a80aa0 10.1/RPMS/rsh-server-0.17-13.1.101mdk.i586.rpm 2a5d801cdedfa0b0b588d340b79c9473 10.1/SRPMS/rsh-0.17-13.1.101mdk.src.rpm Mandrakelinux 10.1/X86_64: 716ae1dc777924d462d9c502238bda9e x86_64/10.1/RPMS/rsh-0.17-13.1.101mdk.x86_64.rpm 23ea2409d82a32918e5e132d8e1fff90 x86_64/10.1/RPMS/rsh-server-0.17-13.1.101mdk.x86_64.rpm 2a5d801cdedfa0b0b588d340b79c9473 x86_64/10.1/SRPMS/rsh-0.17-13.1.101mdk.src.rpm Mandrakelinux 10.2: 381a2b0e1418a14b618030f27ac445ea 10.2/RPMS/rsh-0.17-13.1.102mdk.i586.rpm d750e7ffcf28e7530e19a294ca9d6bc7 10.2/RPMS/rsh-server-0.17-13.1.102mdk.i586.rpm 1b576319abe603cfaa12d8ee3e314b0d 10.2/SRPMS/rsh-0.17-13.1.102mdk.src.rpm Mandrakelinux 10.2/X86_64: 7d9fd388f7fefa1e454b9d938befcfdc x86_64/10.2/RPMS/rsh-0.17-13.1.102mdk.x86_64.rpm decb83a56d54b9d6310f4e1f2aefe555 x86_64/10.2/RPMS/rsh-server-0.17-13.1.102mdk.x86_64.rpm 1b576319abe603cfaa12d8ee3e314b0d x86_64/10.2/SRPMS/rsh-0.17-13.1.102mdk.src.rpm Corporate Server 2.1: a63459af04b29923eff1606742eb9ce4 corporate/2.1/RPMS/rsh-0.17-9.1.C21mdk.i586.rpm b655300455ec6bd0fb8c782cfbcbe281 corporate/2.1/RPMS/rsh-server-0.17-9.1.C21mdk.i586.rpm c828642735f509a405e4582b9f6f3a29 corporate/2.1/SRPMS/rsh-0.17-9.1.C21mdk.src.rpm Corporate Server 2.1/X86_64: 14219e4f9ada6336f7b26a86881942e2 x86_64/corporate/2.1/RPMS/rsh-0.17-9.1.C21mdk.x86_64.rpm c32ccf5751017c29817fdd485c489f4b x86_64/corporate/2.1/RPMS/rsh-server-0.17-9.1.C21mdk.x86_64.rpm c828642735f509a405e4582b9f6f3a29 x86_64/corporate/2.1/SRPMS/rsh-0.17-9.1.C21mdk.src.rpm Corporate 3.0: b20aa1eb70c7bfc006c0c946601c9596 corporate/3.0/RPMS/rsh-0.17-13.1.C30mdk.i586.rpm 7ae577ac25ff29385f99516abd79baaf corporate/3.0/RPMS/rsh-server-0.17-13.1.C30mdk.i586.rpm c6fac5847bb6c80b8c92a22750d1c438 corporate/3.0/SRPMS/rsh-0.17-13.1.C30mdk.src.rpm Corporate 3.0/X86_64: 37a7576122ea4001257e11d034100c28 x86_64/corporate/3.0/RPMS/rsh-0.17-13.1.C30mdk.x86_64.rpm f7e9c14163f5a56b29fc2b17ae172bfb x86_64/corporate/3.0/RPMS/rsh-server-0.17-13.1.C30mdk.x86_64.rpm c6fac5847bb6c80b8c92a22750d1c438 x86_64/corporate/3.0/SRPMS/rsh-0.17-13.1.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================