Security Advisory

Important: tog-pegasus security update

Advisory: RHSA-2008:1001-20
Type: Security Advisory
Severity: Important
Issued on: 2008-11-25
Last updated on: 2008-11-25
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux EUS (v. 5.2.z server)
OVAL: com.redhat.rhsa-20081001.xml
CVEs (cve.mitre.org): CVE-2008-4313
CVE-2008-4315

Details

Updated tog-pegasus packages that fix security issues are now available
for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

The tog-pegasus packages provide OpenPegasus Web-Based Enterprise
Management (WBEM) services. WBEM is a platform and resource independent
Distributed Management Task Force (DMTF) standard that defines a common
information model and communication protocol for monitoring and controlling
resources.

Red Hat's tog-pegasus packages apply security restrictions beyond those of
the upstream OpenGroup Pegasus release. For details of these enhancements,
refer to the file "README.RedHat.Security", included in the Red Hat
tog-pegasus package.

After the package was re-based to version 2.7.0 of the OpenGroup Pegasus
code, these additional security enhancements were no longer being applied. As
a consequence, access to OpenPegasus WBEM services was not restricted to the
dedicated users described in README.RedHat.Security: any attacker able to
authenticate with a valid user account on the system could use this flaw to
send requests to WBEM services. (CVE-2008-4313)

Note: default SELinux policy prevents tog-pegasus from modifying system
files. This flaw's impact depends on whether or not tog-pegasus is confined
by SELinux, and on any additional CMPI providers installed and enabled on a
particular system.
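The following shell script is an added example and is not part of the advisory or of the tog-pegasus package. It audits a Red Hat Enterprise Linux 5 host for this advisory: it compares the installed tog-pegasus build with the fixed build listed under "Updated packages", reports the SELinux domain the running cimserver is confined to (the impact note above turns on exactly this), and verifies a downloaded RPM against the MD5 checksum listed in the advisory and its GPG signature. The domain name pegasus_t is assumed to be the confined domain of the default targeted policy, and vercmp is a deliberately simplified version comparison, not rpm's own rpmvercmp().

```shell
#!/bin/sh
# Added example, not part of the advisory or the tog-pegasus package: audit a
# RHEL 5 host for RHSA-2008:1001. It compares the installed tog-pegasus build
# with the fixed build, reports the SELinux domain the running cimserver is
# confined to (the advisory notes that CVE-2008-4313's impact depends on it),
# and checks a downloaded RPM against the advisory's MD5 and its GPG signature.

# Fixed build, taken from the advisory's package list (VERSION-RELEASE).
FIXED="2.7.0-2.el5_2.1"

# vercmp A B: print -1, 0 or 1. Splits on '.', '-' and '_' and compares
# segment by segment, numerically when both segments are numeric, otherwise
# as strings. A simplification of rpm's rpmvercmp() that is sufficient for
# the el5 version strings in this advisory; use rpmdev-vercmp where available.
vercmp() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    na = split(a, A, "[._-]"); nb = split(b, B, "[._-]")
    n = (na > nb) ? na : nb
    for (i = 1; i <= n; i++) {
      x = (i <= na) ? A[i] : ""; y = (i <= nb) ? B[i] : ""
      if (x == y) continue
      if (x ~ /^[0-9]+$/ && y ~ /^[0-9]+$/) r = (x + 0 < y + 0) ? -1 : 1
      else r = (x < y) ? -1 : 1
      print r; exit
    }
    print 0
  }'
}

# tog_pegasus_is_fixed: returns 0 if the installed build is the fixed one or
# newer, 1 if it is older (vulnerable), 2 if tog-pegasus is not installed or
# rpm is unavailable.
tog_pegasus_is_fixed() {
  installed=$(rpm -q --queryformat '%{VERSION}-%{RELEASE}' tog-pegasus 2>/dev/null) \
    || return 2
  [ "$(vercmp "$installed" "$FIXED")" -ge 0 ]
}

# cimserver_domain: read `ps -eZ` output on stdin and print the SELinux type
# of the cimserver process. "pegasus_t" is the confined domain of the default
# targeted policy (assumed name); anything else means the daemon is not
# confined by that policy.
cimserver_domain() {
  awk '$NF == "cimserver" { split($1, c, ":"); print c[3]; exit }'
}

# verify_md5 FILE MD5: compare FILE's MD5 with the checksum the advisory lists.
verify_md5() {
  actual=$(md5sum "$1" | awk '{ print $1 }')
  [ "$actual" = "$2" ] || { echo "MD5 mismatch for $1: got $actual" >&2; return 1; }
}

# verify_rpm_sig FILE: check the package's GPG signature against the imported
# Red Hat key (rpm -K reports "gpg OK" on success and "NOT OK" otherwise).
verify_rpm_sig() {
  rpm -K "$1"
}

main() {
  rc=0
  if tog_pegasus_is_fixed; then
    echo "tog-pegasus: fixed build ($FIXED or later) installed"
  else
    case $? in
      2) echo "tog-pegasus: not installed"; return 0 ;;
      *) echo "tog-pegasus: VULNERABLE, older than $FIXED"; rc=1 ;;
    esac
  fi
  dom=$(ps -eZ 2>/dev/null | cimserver_domain)
  case $dom in
    pegasus_t) echo "cimserver: confined by SELinux ($dom)" ;;
    "")        echo "cimserver: not running, or no SELinux labels on this host" ;;
    *)         echo "cimserver: NOT confined ($dom); SELinux does not limit CVE-2008-4313 here" ;;
  esac
  return $rc
}

# Run the audit where rpm exists (so the functions can also be sourced on a
# workstation); optionally pass a downloaded RPM and its advisory MD5.
if command -v rpm >/dev/null 2>&1; then
  main
  if [ $# -eq 2 ]; then
    verify_md5 "$1" "$2" && verify_rpm_sig "$1"
  fi
fi
```

Run it as root on the host (`sh rhsa-2008-1001-check.sh`), or with a downloaded package and its checksum from the table below (`sh rhsa-2008-1001-check.sh tog-pegasus-2.7.0-2.el5_2.1.x86_64.rpm a84bace450b3964c4861595225c972ee`). A build at or above 2.7.0-2.el5_2.1 closes both CVEs, but a cimserver outside pegasus_t still deserves attention: with the access restriction absent, SELinux confinement and the installed CMPI providers are what bound the damage.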

Failed authentication attempts against the OpenPegasus CIM server were not
logged to the system log, contrary to what README.RedHat.Security documents.
An attacker could use this flaw to perform password-guessing attacks against
a user account without leaving traces in the system log. (CVE-2008-4315)
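The script below is an added example, not part of the advisory or of tog-pegasus, showing what a detection over the restored log evidence looks like. It assumes the CIM server authenticates through the PAM service "wbem" using pam_unix, so that a rejected login reaches syslog as "cimserver: pam_unix(wbem:auth): authentication failure; ... rhost=<ip>  user=<name>", and that the authpriv facility is written to /var/log/secure (the RHEL default). The sample log lines embedded in the script are constructed, not captured from a real system.

```shell
#!/bin/sh
# Added example, not part of the advisory or the tog-pegasus package: count
# failed WBEM authentication attempts in the system log, the record that
# CVE-2008-4315 caused to go missing. Assumptions: the CIM server authenticates
# through the PAM service "wbem" using pam_unix, so a rejected login reaches
# syslog as
#   cimserver: pam_unix(wbem:auth): authentication failure; ... rhost=<ip>  user=<name>
# (for an unknown account pam_unix logs "check pass; user unknown" and omits
# user=), and the authpriv facility is written to /var/log/secure.

LOG=${WBEM_AUTH_LOG:-/var/log/secure}

# wbem_auth_failures THRESHOLD: read log lines on stdin and print
# "<count> <rhost> <user>" for every (rhost, user) pair with at least
# THRESHOLD failures, highest count first. A missing field is shown as "-".
# Only wbem:auth failures are counted; sshd and other PAM services are ignored.
wbem_auth_failures() {
  awk -v thr="${1:-1}" '
    /pam_unix\(wbem:auth\): authentication failure/ {
      user = "-"; host = "-"
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^rhost=./) host = substr($i, 7)
        if ($i ~ /^user=./)  user = substr($i, 6)
      }
      n[host " " user]++
    }
    END { for (k in n) if (n[k] >= thr) print n[k], k }
  ' | sort -rn
}

# Constructed sample (not captured from a real system): four guesses against
# alice from one host, one unknown-user attempt, one unrelated sshd failure,
# two guesses against carol.
SAMPLE_LOG='Nov 25 10:01:02 host1 cimserver: pam_unix(wbem:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=10.0.0.5  user=alice
Nov 25 10:01:03 host1 cimserver: pam_unix(wbem:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=10.0.0.5  user=alice
Nov 25 10:01:04 host1 cimserver: pam_unix(wbem:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=10.0.0.5  user=alice
Nov 25 10:01:05 host1 cimserver: pam_unix(wbem:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=10.0.0.5  user=alice
Nov 25 10:02:00 host1 cimserver: pam_unix(wbem:auth): check pass; user unknown
Nov 25 10:02:00 host1 cimserver: pam_unix(wbem:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=10.0.0.9
Nov 25 10:03:00 host1 sshd[2201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.0.0.5  user=alice
Nov 25 10:04:00 host1 cimserver: pam_unix(wbem:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=10.0.0.7  user=carol
Nov 25 10:04:01 host1 cimserver: pam_unix(wbem:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=10.0.0.7  user=carol'

# With no argument, run over the constructed sample; with a threshold, run
# over the real log (needs read access to /var/log/secure).
if [ $# -gt 0 ]; then
  wbem_auth_failures "$1" < "$LOG"
else
  printf '%s\n' "$SAMPLE_LOG" | wbem_auth_failures 3
fi
```

Note the caveat this CVE imposes on the detection: on a host still running the unpatched 2.7.0 build, the query returns nothing no matter how many guesses were made, so an empty result is only meaningful after the update is installed, and the absence of entries before that date says nothing about whether guessing occurred.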

All tog-pegasus users are advised to upgrade to these updated packages,
which contain patches to correct these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Each line gives the package file, its MD5 checksum and, where a later
advisory has since superseded the file, that advisory.

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
tog-pegasus-2.7.0-2.el5_2.1.src.rpm     32711d6f050a64ef18bfbf075e8dca5f     (outdated by RHBA-2009:1286)

IA-32:
tog-pegasus-2.7.0-2.el5_2.1.i386.rpm     328188295a18dc679296c689fba08c64     (outdated by RHBA-2009:1286)
tog-pegasus-devel-2.7.0-2.el5_2.1.i386.rpm     9a8bae404d5bf1dbf9a28c50a88d6057     (outdated by RHBA-2009:1286)

IA-64:
tog-pegasus-2.7.0-2.el5_2.1.ia64.rpm     836b98efe294e9c82f4b9089a4d249e6     (outdated by RHBA-2009:1286)
tog-pegasus-devel-2.7.0-2.el5_2.1.ia64.rpm     8ce71b8caee754d23d87aa065db11d9e     (outdated by RHBA-2009:1286)

PPC:
tog-pegasus-2.7.0-2.el5_2.1.ppc.rpm     24eb85b51ef26fd9afbafe533f6ef34b     (outdated by RHBA-2009:1286)
tog-pegasus-2.7.0-2.el5_2.1.ppc64.rpm     35338c060fc3b30f412242a9483109b3     (outdated by RHBA-2009:1286)
tog-pegasus-devel-2.7.0-2.el5_2.1.ppc.rpm     9afd2ed7d7c8f138d9eccc1399b1f49f     (outdated by RHBA-2009:1286)
tog-pegasus-devel-2.7.0-2.el5_2.1.ppc64.rpm     2f5e903dbb82a6a0a729c8a3bb48bcdc     (outdated by RHBA-2009:1286)

s390x:
tog-pegasus-2.7.0-2.el5_2.1.s390.rpm     1ee755ebed170961c997cd583cc5454a     (outdated by RHBA-2009:1286)
tog-pegasus-2.7.0-2.el5_2.1.s390x.rpm     0568f8cefa61305caa152b17c591921c     (outdated by RHBA-2009:1286)
tog-pegasus-devel-2.7.0-2.el5_2.1.s390.rpm     4697103d09c2cb42d8eb8f8a0fe4527f     (outdated by RHBA-2009:1286)
tog-pegasus-devel-2.7.0-2.el5_2.1.s390x.rpm     da61b9ae321e9a2f2296cf2927713b83     (outdated by RHBA-2009:1286)

x86_64:
tog-pegasus-2.7.0-2.el5_2.1.i386.rpm     328188295a18dc679296c689fba08c64     (outdated by RHBA-2009:1286)
tog-pegasus-2.7.0-2.el5_2.1.x86_64.rpm     a84bace450b3964c4861595225c972ee     (outdated by RHBA-2009:1286)
tog-pegasus-devel-2.7.0-2.el5_2.1.i386.rpm     9a8bae404d5bf1dbf9a28c50a88d6057     (outdated by RHBA-2009:1286)
tog-pegasus-devel-2.7.0-2.el5_2.1.x86_64.rpm     17015d886061b6c522cbfd7616677833     (outdated by RHBA-2009:1286)

Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
tog-pegasus-2.7.0-2.el5_2.1.src.rpm     32711d6f050a64ef18bfbf075e8dca5f     (outdated by RHBA-2009:1286)

IA-32:
tog-pegasus-2.7.0-2.el5_2.1.i386.rpm     328188295a18dc679296c689fba08c64     (outdated by RHBA-2009:1286)
tog-pegasus-devel-2.7.0-2.el5_2.1.i386.rpm     9a8bae404d5bf1dbf9a28c50a88d6057

x86_64:
tog-pegasus-2.7.0-2.el5_2.1.i386.rpm     328188295a18dc679296c689fba08c64     (outdated by RHBA-2009:1286)
tog-pegasus-2.7.0-2.el5_2.1.x86_64.rpm     a84bace450b3964c4861595225c972ee     (outdated by RHBA-2009:1286)
tog-pegasus-devel-2.7.0-2.el5_2.1.i386.rpm     9a8bae404d5bf1dbf9a28c50a88d6057
tog-pegasus-devel-2.7.0-2.el5_2.1.x86_64.rpm     17015d886061b6c522cbfd7616677833

Red Hat Enterprise Linux EUS (v. 5.2.z server)

SRPMS:
tog-pegasus-2.7.0-2.el5_2.1.src.rpm     32711d6f050a64ef18bfbf075e8dca5f     (outdated by RHBA-2009:1286)

IA-32:
tog-pegasus-2.7.0-2.el5_2.1.i386.rpm     328188295a18dc679296c689fba08c64
tog-pegasus-devel-2.7.0-2.el5_2.1.i386.rpm     9a8bae404d5bf1dbf9a28c50a88d6057

IA-64:
tog-pegasus-2.7.0-2.el5_2.1.ia64.rpm     836b98efe294e9c82f4b9089a4d249e6
tog-pegasus-devel-2.7.0-2.el5_2.1.ia64.rpm     8ce71b8caee754d23d87aa065db11d9e

PPC:
tog-pegasus-2.7.0-2.el5_2.1.ppc.rpm     24eb85b51ef26fd9afbafe533f6ef34b
tog-pegasus-2.7.0-2.el5_2.1.ppc64.rpm     35338c060fc3b30f412242a9483109b3
tog-pegasus-devel-2.7.0-2.el5_2.1.ppc.rpm     9afd2ed7d7c8f138d9eccc1399b1f49f
tog-pegasus-devel-2.7.0-2.el5_2.1.ppc64.rpm     2f5e903dbb82a6a0a729c8a3bb48bcdc

s390x:
tog-pegasus-2.7.0-2.el5_2.1.s390.rpm     1ee755ebed170961c997cd583cc5454a
tog-pegasus-2.7.0-2.el5_2.1.s390x.rpm     0568f8cefa61305caa152b17c591921c
tog-pegasus-devel-2.7.0-2.el5_2.1.s390.rpm     4697103d09c2cb42d8eb8f8a0fe4527f
tog-pegasus-devel-2.7.0-2.el5_2.1.s390x.rpm     da61b9ae321e9a2f2296cf2927713b83

x86_64:
tog-pegasus-2.7.0-2.el5_2.1.i386.rpm     328188295a18dc679296c689fba08c64
tog-pegasus-2.7.0-2.el5_2.1.x86_64.rpm     a84bace450b3964c4861595225c972ee
tog-pegasus-devel-2.7.0-2.el5_2.1.i386.rpm     9a8bae404d5bf1dbf9a28c50a88d6057
tog-pegasus-devel-2.7.0-2.el5_2.1.x86_64.rpm     17015d886061b6c522cbfd7616677833
 

Bugs fixed (see bugzilla for more information)

459217 - CVE-2008-4313 tog-pegasus: WBEM services access not restricted to dedicated user after 2.7.0 rebase
472017 - CVE-2008-4315 tog-pegasus: failed authentication attempts not logged via PAM

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/