Date: Wed, 05 Oct 2011 08:04:19 +0530
From: Huzaifa Sidhpurwala <huzaifas@...hat.com>
To: oss-security@...ts.openwall.com
Subject: kexec-tools: Multiple security flaws by management of kdump core
 files and ramdisk images

Hi All,

Kevan Carstensen reported multiple security flaws in kexec-tools, 
details are as follows:

1. CVE-2011-3588:

The default value of "StrictHostKeyChecking=no" has been used for
kdump/mkdumprd openssh integration. A remote malicious kdump server could
use this flaw to impersonate the intended, correct kdump server to obtain
security-sensitive information (kdump core files).

2. CVE-2011-3589

mkdumprd utility copied content of certain directories into newly 
created initial ramdisk images, potentially leading to information leak.

3. CVE-2011-2390

mkdumprd utility created the final initial ramdisk image with 
world-readable permissions, possibly leading to information leak.

Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=716439


-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team
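
The following audit sketch is an added example, not part of the original post and not kexec-tools code. It checks a script or config file for the host key setting named in item 1 and a directory for world-readable images as in item 3; the file names, paths and `WEAK:` output format are assumptions, and the sample input is constructed.

```shell
#!/bin/sh
# Added audit example; not kexec-tools code. All paths are caller-supplied.

# Exit 0 if FILE has a non-comment line that turns SSH host key checking off,
# as "-o StrictHostKeyChecking=no" or config-style "StrictHostKeyChecking no".
disables_hostkey_check() {
    grep -Ev '^[[:space:]]*#' "$1" |
        grep -Eiq 'StrictHostKeyChecking[[:space:]=]+"?no([^[:alnum:]-]|$)'
}

# Print every regular file under DIR whose mode grants read access to "other".
world_readable_files() {
    find "$1" -type f -perm -004 -print
}

# Print one line per finding; return 1 if anything was found, else 0.
audit() {   # usage: audit SCRIPT_FILE IMAGE_DIR
    out=$(
        if disables_hostkey_check "$1"; then
            echo "WEAK: $1 disables SSH host key checking"
        fi
        world_readable_files "$2" | sed 's/^/WEAK: world-readable image /'
    )
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# Constructed sample input, built in a temp dir so the demo runs offline.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/boot"
    printf 'scp -q -o StrictHostKeyChecking=no core user@host:/var/crash\n' > "$d/init"
    : > "$d/boot/initrd-weak.img";  chmod 644 "$d/boot/initrd-weak.img"
    : > "$d/boot/initrd-fixed.img"; chmod 600 "$d/boot/initrd-fixed.img"
    rc=0; audit "$d/init" "$d/boot" || rc=$?
    rm -rf "$d"
    return "$rc"
}

if [ "${1:-}" = "--demo" ]; then demo || true; fi
```

Item 2 is not covered because the post does not say which directories were copied into the ramdisk.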
