P-032: GZIP Insecure Temporary Files

CIRC INFORMATION BULLETIN

P-032: GZIP Insecure Temporary Files

[Debian Security Advisory DSA-588-1]

November 8, 2004 17:00 GMT

PROBLEM: Insecure temporary file creation in supplemental scripts in the gzip package.
PLATFORM: Debian GNU/Linux 3.0 (woody)
DAMAGE: May allow local users to overwrite files via a symlink attack.
SOLUTION: Upgrade your gzip package.

VULNERABILITY ASSESSMENT:
The risk is LOW. The flaw could allow local users to overwrite files via a symlink attack, which may lead to privilege escalation.

LINKS:
  CIRC BULLETIN: http://www.doecirc.energy.gov/bulletins/p-032.shtml
  ORIGINAL BULLETIN: http://www.debian.org/security/2004/dsa-588
  CVE/CAN: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0970

[***** Start Debian Security Advisory DSA-588-1 *****]

Debian Security Advisory
DSA-588-1 gzip -- insecure temporary files
Date Reported: 08 Nov 2004
Affected Packages: gzip
Vulnerable: Yes
Security database references:
  In the Bugtraq database (at SecurityFocus): BugTraq ID 11288.
  In Mitre's CVE dictionary: CAN-2004-0970.

More information:
Trustix developers discovered insecure temporary file creation in supplemental scripts in the gzip package which may allow local users to overwrite files via a symlink attack.

For the stable distribution (woody) these problems have been fixed in version 1.3.2-3woody3.

The unstable distribution (sid) is not affected by these problems.

We recommend that you upgrade your gzip package.
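The advisory names the bug class (predictable temporary file names in world-writable directories, abused through a planted symlink) but does not reproduce the affected script lines. The following is an added illustration, not code from the gzip package or from Debian: it places the generic weak idiom beside a hardened form that uses mktemp, and adds a small heuristic audit that flags the weak idiom in other shell scripts. The function names, the "gztmp" prefix and the two-line sample script are constructed for the example; mktemp is assumed to be available.

```shell
#!/bin/sh
# Added illustration (not from the gzip package or the Debian advisory):
# the insecure temp-file idiom behind symlink attacks, its hardened form,
# and a heuristic checker for shell scripts.

# Weak idiom, shown for contrast only. The name is predictable from the
# PID, and the redirection follows whatever already exists at that path,
# so a symlink planted there makes the script write through to the
# link's target with the script's privileges.
weak_tmp_idiom() {
    tmp="/tmp/gztmp.$$"
    printf 'placeholder\n' > "$tmp"
    printf '%s\n' "$tmp"
}

# Hardened form. mktemp creates the file atomically (O_EXCL) with mode
# 0600 under a random name, so a pre-existing symlink at the path makes
# the call fail instead of being followed. TMPDIR is honoured if set.
make_secure_tmp() {
    mktemp "${TMPDIR:-/tmp}/gztmp.XXXXXXXXXX"
}

# Heuristic audit: print lines of a shell script that build a path under
# /tmp or /var/tmp from the PID ("$$"). Output is "lineno:text"; exit
# status is grep's (0 when at least one line matched). A hit is a lead to
# review, not proof of a vulnerability.
find_predictable_tmp() {
    grep -nE '/(var/)?tmp/[^[:space:]]*\$\$' "$1"
}

# Runs the audit over a constructed two-line sample script (embedded here
# as example input) and prints how many lines were flagged. The first line
# uses the weak idiom, the second the hardened one, so the count is 1.
check_sample_script() {
    sample=$(make_secure_tmp) || return 1
    printf '%s\n' 'tmp=/tmp/gztmp.$$' \
                  'out=$(mktemp "${TMPDIR:-/tmp}/gztmp.XXXXXX")' > "$sample"
    n=$(find_predictable_tmp "$sample" | grep -c .)
    rm -f "$sample"
    printf '%s\n' "$n"
}
```

Run `find_predictable_tmp /path/to/script.sh` against any shell script you maintain; for scratch directories rather than files, `mktemp -d` gives the same atomic, 0700 guarantee. The checker is deliberately narrow (it keys on "$$" under /tmp or /var/tmp) and will miss names built from a username or timestamp, which are just as guessable.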

Fixed in: Debian GNU/Linux 3.0 (woody)

Source:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3.dsc
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3.diff.gz
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2.orig.tar.gz

Alpha:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3_alpha.deb

ARM:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3_arm.deb

Intel IA-32:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3_i386.deb

Intel IA-64:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3_ia64.deb

HPPA:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3_hppa.deb

Motorola 680x0:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3_m68k.deb

Big endian MIPS:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3_mips.deb

Little endian MIPS:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3_mipsel.deb

PowerPC:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3_powerpc.deb

IBM S/390:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3_s390.deb

Sun Sparc:
http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody3_sparc.deb

MD5 checksums of the listed files are available in the original advisory.


[***** End Debian Security Advisory DSA-588-1 *****]


CIRC wishes to acknowledge the contributions of Debian Security for the information contained in this bulletin.
DOE-CIRC can be contacted at:
    Voice:          +1 866-941-2472 (7 x 24)
    E-mail:          doecirc@doecirc.energy.gov
    World Wide Web:  http://www.doecirc.energy.gov/