-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2007.0331 -- [UNIX/Linux][RedHat]
Moderate: vixie-cron security update
18 May 2007

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:              vixie-cron
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 5
                      Red Hat Enterprise Linux 4
                      Red Hat Enterprise Linux 3
                      UNIX variants (UNIX, Linux, OSX)
Impact:               Denial of Service
Access:               Existing Account
CVE Names:            CVE-2007-1856

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2007-0345.html

Comment: This advisory references vulnerabilities in products which run on
         platforms other than Red Hat. It is recommended that administrators
         running vixie-cron check for an updated version of the software for
         their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis:          Moderate: vixie-cron security update
Advisory ID:       RHSA-2007:0345-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0345.html
Issue date:        2007-05-17
Updated on:        2007-05-17
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-1856
- - ---------------------------------------------------------------------

1. Summary:

Updated vixie-cron packages that fix a denial of service issue are now
available.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

The vixie-cron package contains the Vixie version of cron. Cron is a
standard UNIX daemon that runs specified programs at scheduled times.

Raphael Marichez discovered a denial of service bug in the way vixie-cron
verifies crontab file integrity. A local user with the ability to create a
hardlink to /etc/crontab can prevent vixie-cron from executing certain
system cron jobs. (CVE-2007-1856)

All users of vixie-cron should upgrade to these updated packages, which
contain a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

223662 - crond failed "Days of week" after a few hours on 1st/Jan
235880 - CVE-2007-1856 crontab denial of service

6.
RPMs required:

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1856
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFGTGYNXlSAg2UNWIIRAuu0AJ0WFAFqBQi0X2qlsfVf31uMV5CxVwCglzws
bfK3V0WBKBeBbG4nQYlUzfc=
=pvha
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRk0B0Ch9+71yA2DNAQKkeAP/Riergcia0o7wJV7noPoz82ZRgWw6OS4N
IgLo/h8VZhJasi/XUt1fii4HjcVe42kWAP8GDJ1O09TO3Lr3DAUi4SlvQ56ag7Wh
VPTeqcCxKEsg2frhg5gtX89MRj0vudghNjSUQj77kOTWRIQADAfVoLB+XgpXWYOX
52qWZOgG/Hc=
=tOuy
-----END PGP SIGNATURE-----
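
A host-side check for the hard-link condition named in the problem description, added here as an example (it is not part of the Red Hat or AusCERT text): it lists cron tables whose link count is above 1 and shows where the extra names live. The function names, the paths in the usage comment and the reliance on GNU find and stat are assumptions.

```shell
#!/bin/sh
# Added example: audit cron tables for unexpected hard links (CVE-2007-1856 context).
# Assumes GNU find and stat, as shipped on Red Hat Enterprise Linux.

# List regular files under the given paths whose link count is greater than 1.
# Output per file: <link count> <inode> <owner> <path>
audit_cron_links() {
    for p in "$@"; do
        [ -e "$p" ] || continue            # skip paths absent on this host
        find "$p" -xdev -type f -links +1 -exec stat -c '%h %i %U %n' {} +
    done
}

# Print every other name of FILE found under ROOT. Hard links cannot cross
# filesystems, so ROOT is normally the mount point that holds FILE.
other_names() {
    file=$1 root=$2
    find "$root" -xdev -samefile "$file" ! -path "$file" 2>/dev/null
}

# Report findings; return 1 if any file has extra links, 0 otherwise.
check_cron_links() {
    root=$1; shift
    hits=$(audit_cron_links "$@")
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits" | while read -r nlink inode owner path; do
        echo "WARNING: $path has $nlink links (inode $inode, owner $owner)"
        other_names "$path" "$root" | sed 's/^/  also reachable as: /'
    done
    return 1
}

# Typical invocation on a live host (as root, so find can read every directory):
#   check_cron_links / /etc/crontab /etc/cron.d
```

The location and ownership of the directory holding an extra name indicate which local account created the link.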