Security Advisory: New ed packages available

Advisory: RHSA-2000:123-01
Type: Security Advisory
Severity: N/A
Issued on: 2000-12-06
Last updated on: 2000-12-06
Affected Products: Red Hat Linux 6.2
Red Hat Linux 7.0
OVAL: N/A
CVEs (cve.mitre.org): CVE-2000-1137

Details

The ed editor used files in /tmp in an insecure fashion.
It was possible for local users to exploit this vulnerability
to modify files that they normally could not and gain elevated privilege.

The ed executable creates files in /tmp with predictable
names. By using various symlink attacks, it is possible to
have ed write to files it should not, change the permissions
of various files, etc.
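
The weak and hardened temporary-file patterns behind this class of bug, as an added example in C. It is not ed's source code; every function name and path in it is hypothetical, and the scratch directory and file contents are constructed for the demonstration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak: fixed name, no O_EXCL, so a symlink already at `path` is followed. */
int open_predictable(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}
/* Hardened: O_CREAT|O_EXCL fails with EEXIST if the name exists, symlinks included. */
int open_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}
/* Preferred: mkstemp() chooses the name and creates it exclusively, mode 0600. */
int open_random(char *tmpl) { return mkstemp(tmpl); }
static int put(const char *p, const char *s) {
    FILE *f = fopen(p, "w");
    if (!f) return -1;
    fputs(s, f);
    return fclose(f);
}
static long size_of(const char *p) {
    struct stat st;
    return stat(p, &st) == 0 ? (long)st.st_size : -1;
}

/* Runs both openers against a symlink placed in a private scratch directory.
 * Returns a bitmask: 1 = the weak open truncated the link target,
 * 2 = the exclusive open failed with EEXIST and left the target intact. */
int demo(void) {
    char dir[] = "/tmp/tmpdemoXXXXXX", target[64], lnk[64];
    int result = 0, fd;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/protected", dir);
    snprintf(lnk, sizeof lnk, "%s/fixed.tmp", dir);
    if (put(target, "keep") != 0 || symlink(target, lnk) != 0) return -1;
    if ((fd = open_predictable(lnk)) >= 0) close(fd);
    if (size_of(target) == 0) result |= 1;
    put(target, "keep");                      /* restore the 4-byte content */
    fd = open_exclusive(lnk);
    if (fd < 0 && errno == EEXIST && size_of(target) == 4) result |= 2;
    if (fd >= 0) close(fd);
    unlink(lnk); unlink(target); rmdir(dir);
    return result;
}
int main(void) { printf("demo() = %d (3 expected)\n", demo()); return 0; }
```

On current Linux kernels the fs.protected_symlinks sysctl additionally refuses to follow another user's symlink in a sticky world-writable directory, which is why the demonstration uses a scratch directory owned by the same user.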


Solution

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.

Updated packages

Red Hat Linux 6.2

alpha:
ftp://updates.redhat.com/6.2/alpha/ed-0.2-19.6x.alpha.rpm
Missing file
    779b42a553a66a3cf422ffe8e87bb2fb
 
i386:
ftp://updates.redhat.com/6.2/i386/ed-0.2-19.6x.i386.rpm
Missing file
    7c584e3600331b81e8caa2422722ccae
 
sparc:
ftp://updates.redhat.com/6.2/sparc/ed-0.2-19.6x.sparc.rpm
Missing file
    007fc8f22b6cc144b3b2703744da8483
 
Red Hat Linux 7.0

alpha:
ftp://updates.redhat.com/7.0/alpha/ed-0.2-19.alpha.rpm
Missing file
    f511af62ec15ef65dd1104683e7d39db
 
i386:
ftp://updates.redhat.com/7.0/i386/ed-0.2-19.i386.rpm
Missing file
    6186b80b1deba06a1d3d99e30e2270d0
 

Keywords

/tmp


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/