99 lines
3.7 KiB
Plaintext
99 lines
3.7 KiB
Plaintext
|
|
-----BEGIN PGP SIGNED MESSAGE-----
|
|
|
|
===========================================================================
|
|
CA-92:10 CERT Advisory
|
|
May 26, 1992
|
|
AIX crontab Vulnerability
|
|
|
|
- ---------------------------------------------------------------------------
|
|
|
|
The Computer Emergency Response Team/Coordination Center (CERT/CC) has
|
|
received information concerning a vulnerability in crontab(1) in version 3.2
|
|
of IBM's AIX operating system.
|
|
|
|
IBM is aware of this problem and a fix is available as apar number "ix26997"
|
|
for AIX version 3.2. The version information for the patched /usr/bin/crontab
|
|
is shown in the following what(1) output:
|
|
|
|
% what /usr/bin/crontab
|
|
04 1.23 com/cmd/cntl/cron/crontab.c, cmdcntl, bos320, 9218320f 4/8/92 11:50:42
|
|
07 1.8 com/cmd/cntl/cron/permit.c, bos, bos320 4/25/91 17:16:59
|
|
11 1.15 com/cmd/cntl/cron/cronsub.c, bos, bos320 8/18/91 20:42:32
|
|
06 1.9 com/cmd/cntl/cron/funcs.c, bos, bos320 6/8/91 21:22:40
|
|
|
|
If your crontab contains older modules than the above output indicates, we
|
|
suggest that you install the fix.
|
|
|
|
- ---------------------------------------------------------------------------
|
|
|
|
I. Description
|
|
|
|
The distributed version of /usr/bin/crontab contains a security
|
|
vulnerability.
|
|
|
|
|
|
II. Impact
|
|
|
|
Local users can gain unauthorized root access to the system.
|
|
|
|
|
|
III. Solution
|
|
|
|
The CERT/CC suggests that sites install the fix that IBM has made
|
|
available. As an interim step, we suggests that sites prevent all
|
|
non-root users from running /usr/bin/crontab by removing (or renaming)
|
|
the /var/adm/cron/cron.allow and /var/adm/cron/cron.deny files.
|
|
|
|
- Obtain the fix from IBM Support.
|
|
|
|
1. To order from IBM call 1-800-237-5511 and ask
|
|
that the fix be shipped. Patches may be obtained
|
|
outside the U.S. by contacting your local IBM
|
|
representative.
|
|
|
|
2. If you are on the Internet, use anonymous ftp to obtain
|
|
the fix from software.watson.ibm.com (129.34.139.5).
|
|
|
|
Patch Filename Checksum
|
|
AIX 3.2 pub/aix3/cronta.tar.Z 02324 154
|
|
|
|
The patch must be retrieved using binary mode.
|
|
|
|
- Install the fix following the instructions in the README file.
|
|
|
|
- ---------------------------------------------------------------------------
|
|
The CERT/CC would like to thank Fuat Baran of Advanced Network & Services,
|
|
Inc. for bringing this security vulnerability to our attention and IBM for
|
|
their quick response to this problem.
|
|
- ---------------------------------------------------------------------------
|
|
|
|
If you believe that your system has been compromised, contact CERT/CC or
|
|
your representative in FIRST (Forum of Incident Response and Security Teams).
|
|
|
|
Internet E-mail: cert@cert.org
|
|
Telephone: 412-268-7090 (24-hour hotline)
|
|
CERT/CC personnel answer 7:30 a.m.-6:00 p.m. EST(GMT-5)/EDT(GMT-4),
|
|
on call for emergencies during other hours.
|
|
|
|
Computer Emergency Response Team/Coordination Center (CERT/CC)
|
|
Software Engineering Institute
|
|
Carnegie Mellon University
|
|
Pittsburgh, PA 15213-3890
|
|
|
|
Past advisories, information about FIRST representatives, and other
|
|
information related to computer security are available for anonymous ftp
|
|
from cert.org (192.88.209.5).
|
|
|
|
|
|
-----BEGIN PGP SIGNATURE-----
|
|
Version: 2.6.2
|
|
|
|
iQCVAwUBMaMw+HVP+x0t4w7BAQGAuQP/Ws6d9GM0SWXZKxqatW4johceOTn17agg
|
|
BHLwGMKEeufZwAUl2QBlpBSsrVOvHZmcxBvcqkLDKZHRKCbfgzPypG3+e5i2nkPG
|
|
EiklGY5yFU7vzRTGiYpwZBPKFWGpE/nbi9gMFJsH/ZU/r9TlPR1jEHE9m2EHoDWq
|
|
aoSR4j3HKAA=
|
|
=cCJ4
|
|
-----END PGP SIGNATURE-----
|
|
|