-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2012.0990
        Moderate: rhncfg security, bug fix, and enhancement update
                              16 October 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           rhncfg
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 5
                   Red Hat Enterprise Linux WS/Desktop 5
                   Red Hat Enterprise Linux Server 6
                   Red Hat Enterprise Linux WS/Desktop 6
Impact/Access:     Access Confidential Data -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2012-2679

Original Bulletin:
   https://rhn.redhat.com/errata/RHSA-2012-1369.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: rhncfg security, bug fix, and enhancement update
Advisory ID:       RHSA-2012:1369-01
Product:           Red Hat Network Tools
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2012-1369.html
Issue date:        2012-10-15
CVE Names:         CVE-2012-2679
=====================================================================

1. Summary:

Updated rhncfg packages that fix one security issue, two bugs, and add one
enhancement are now available for Red Hat Network Tools for Red Hat
Enterprise Linux 5 and 6; Red Hat Enterprise Linux 5.3 Long Life; and Red
Hat Enterprise Linux 5.6, 6.0, 6.1, and 6.2 Extended Update Support.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

RHN Tools (v. 5 Client) - noarch
RHN Tools (v. 5 Server) - noarch
RHN Tools (v. 5.3.LL Server) - noarch
RHN Tools (v. 5.6.z Server) - noarch
RHN Tools (v. 6 Client) - noarch
RHN Tools (v. 6 ComputeNode) - noarch
RHN Tools (v. 6 Workstation) - noarch
RHN Tools (v. 6.0.z Server) - noarch
RHN Tools (v. 6.1.z Server) - noarch
RHN Tools (v. 6.2.z Server) - noarch
RHN Tools (v. 6.3.z Server) - noarch

3. Description:

Red Hat Network Tools provide programs and libraries that allow your system
to use provisioning, monitoring, and configuration management capabilities
provided by Red Hat Network and Red Hat Network Satellite.

It was discovered that the Red Hat Network (RHN) Configuration Client
(rhncfg-client) tool set world-readable permissions on the
"/var/log/rhncfg-actions" file, used to store the output of different
rhncfg-client actions (such as diffing and verifying files). This could
possibly allow a local attacker to obtain sensitive information they would
otherwise not have access to. (CVE-2012-2679)

Note: With this update, rhncfg-client cannot create diffs of files that are
not already world-readable, and "/var/log/rhncfg-actions" can only be read
and written to by the root user.

This issue was discovered by Paul Wouters of Red Hat.

This update also fixes the following bugs:

* When the user attempted to use the "rhncfg-client get" command to
download a backup of deployed configuration files and these configuration
files contained a broken symbolic link, the command failed with an error.
This update ensures that "rhncfg-client get" no longer fails in this
scenario. (BZ#836445)

* The SYNOPSIS section of the rhn-actions-control(8) manual page has been
updated to include the "--report" command line option as expected.
(BZ#820517)

As well, this update adds the following enhancement:

* The rhncfg-manager utility now supports a new command line option,
"--selinux-context". This option can be used to upload files and
directories without setting the Security-Enhanced Linux (SELinux) context.
(BZ#770575)

All users of Red Hat Network Tools are advised to upgrade to these updated
packages, which correct these issues and add this enhancement.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

820517 - Missing option in man page for rhn-actions-control.
825275 - CVE-2012-2679 rhncfg: Insecure permissions used for /var/log/rhncfg-actions file

6. Package List:

RHN Tools (v. 5 Client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/RHNTOOLS/SRPMS/rhncfg-5.10.27-8.el5sat.src.rpm

noarch:
rhncfg-5.10.27-8.el5sat.noarch.rpm
rhncfg-actions-5.10.27-8.el5sat.noarch.rpm
rhncfg-client-5.10.27-8.el5sat.noarch.rpm
rhncfg-management-5.10.27-8.el5sat.noarch.rpm

RHN Tools (v. 5 Server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHNTOOLS/SRPMS/rhncfg-5.10.27-8.el5sat.src.rpm

noarch:
rhncfg-5.10.27-8.el5sat.noarch.rpm
rhncfg-actions-5.10.27-8.el5sat.noarch.rpm
rhncfg-client-5.10.27-8.el5sat.noarch.rpm
rhncfg-management-5.10.27-8.el5sat.noarch.rpm

RHN Tools (v. 5.3.LL Server):

Source:
rhncfg-5.10.27-8.el5sat.src.rpm

noarch:
rhncfg-5.10.27-8.el5sat.noarch.rpm
rhncfg-actions-5.10.27-8.el5sat.noarch.rpm
rhncfg-client-5.10.27-8.el5sat.noarch.rpm
rhncfg-management-5.10.27-8.el5sat.noarch.rpm

RHN Tools (v. 5.6.z Server):

Source:
rhncfg-5.10.27-8.el5sat.src.rpm

noarch:
rhncfg-5.10.27-8.el5sat.noarch.rpm
rhncfg-actions-5.10.27-8.el5sat.noarch.rpm
rhncfg-client-5.10.27-8.el5sat.noarch.rpm
rhncfg-management-5.10.27-8.el5sat.noarch.rpm

RHN Tools (v. 6 Client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/RHNTOOLS/SRPMS/rhncfg-5.10.27-8.el6sat.src.rpm

noarch:
rhncfg-5.10.27-8.el6sat.noarch.rpm
rhncfg-actions-5.10.27-8.el6sat.noarch.rpm
rhncfg-client-5.10.27-8.el6sat.noarch.rpm
rhncfg-management-5.10.27-8.el6sat.noarch.rpm

RHN Tools (v. 6 ComputeNode):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/RHNTOOLS/SRPMS/rhncfg-5.10.27-8.el6sat.src.rpm

noarch:
rhncfg-5.10.27-8.el6sat.noarch.rpm
rhncfg-actions-5.10.27-8.el6sat.noarch.rpm
rhncfg-client-5.10.27-8.el6sat.noarch.rpm
rhncfg-management-5.10.27-8.el6sat.noarch.rpm

RHN Tools (v. 6.0.z Server):

Source:
rhncfg-5.10.27-8.el6sat.src.rpm

noarch:
rhncfg-5.10.27-8.el6sat.noarch.rpm
rhncfg-actions-5.10.27-8.el6sat.noarch.rpm
rhncfg-client-5.10.27-8.el6sat.noarch.rpm
rhncfg-management-5.10.27-8.el6sat.noarch.rpm

RHN Tools (v. 6.1.z Server):

Source:
rhncfg-5.10.27-8.el6sat.src.rpm

noarch:
rhncfg-5.10.27-8.el6sat.noarch.rpm
rhncfg-actions-5.10.27-8.el6sat.noarch.rpm
rhncfg-client-5.10.27-8.el6sat.noarch.rpm
rhncfg-management-5.10.27-8.el6sat.noarch.rpm

RHN Tools (v. 6.2.z Server):

Source:
rhncfg-5.10.27-8.el6sat.src.rpm

noarch:
rhncfg-5.10.27-8.el6sat.noarch.rpm
rhncfg-actions-5.10.27-8.el6sat.noarch.rpm
rhncfg-client-5.10.27-8.el6sat.noarch.rpm
rhncfg-management-5.10.27-8.el6sat.noarch.rpm

RHN Tools (v. 6.3.z Server):

Source:
rhncfg-5.10.27-8.el6sat.src.rpm

noarch:
rhncfg-5.10.27-8.el6sat.noarch.rpm
rhncfg-actions-5.10.27-8.el6sat.noarch.rpm
rhncfg-client-5.10.27-8.el6sat.noarch.rpm
rhncfg-management-5.10.27-8.el6sat.noarch.rpm

RHN Tools (v. 6 Workstation):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/RHNTOOLS/SRPMS/rhncfg-5.10.27-8.el6sat.src.rpm

noarch:
rhncfg-5.10.27-8.el6sat.noarch.rpm
rhncfg-actions-5.10.27-8.el6sat.noarch.rpm
rhncfg-client-5.10.27-8.el6sat.noarch.rpm
rhncfg-management-5.10.27-8.el6sat.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2012-2679.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFQfFjoXlSAg2UNWIIRAty8AJwMMQbPcuidK9NMBuYNp2xsmjJXBACgl6En
vtinMH+1D3wINi0eZqh6P9o=
=vQZV
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBUHysoO4yVqjM2NGpAQIHcA/9GaHSM5iya1rFPgUQdN5FaqP/rPn6Z9YX
gN3a4B7jVfFzHCzY5hRL9c/4+qvu6JxIfTG1lOxQW7wEEgSHSuI8UOY9U4lJqIif
QHjs7/FhzbkCZOC48VmMqsyu6VJcfy7HfAa4tKUALIS1Hf8/3OGD7fYt17Gb95KZ
+cw1vVcB8wVO/tWI4boDb4Yu2AVC2xM3OTU+GvtZLetGpuwpkaUJjdHSgpHBxvcq
NXUA5UVIDS7yKkrqomruhdM4ZimpaI+9JL/g9gpvoSPDe2kDvF6gpnZkNZkBeLjU
RsbzHTAw8fuofwgCsTlFwxWJ6lj8QeiGZ9xx5vS4a8CKQ76d6ThpXi5F7WdIO+WE
jViu/m9uV55x/z7tyVQPBOpaiUAsobO3ako0baPXTLj8bEt4YDsn+mDWUCG6hxVj
6/EcjyAhohbJW+TwZ7xopf9tNyQ3eM7UyGAMV1iaxu+X8yH5jBwyX7Iq9wvkIG4b
pkoKFsd0IL/X9BrSe4AVYod+ZYnffq3SS+25QtXcdeAUaKgNZ+5PTuZ7YpyQZNTM
BNMra1YFALmxFmGvL13QwHXM5UDe2qjmnCjeFSAWJbrn4WeohZkkpH8ZWd9DZ2Jz
4lkqR0TrbDOawrHoWGMS9UXxECbd+Zq9Zk+p+zXvi43IMEh33iBGC/0+U1jCzpVk
M6Vs4PssEL8=
=CWPr
-----END PGP SIGNATURE-----
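Added example (editor's code, not part of the Red Hat advisory or the AusCERT bulletin): a POSIX shell audit for the two states the advisory describes, the pre-update world-readable "/var/log/rhncfg-actions" (CVE-2012-2679) and the post-update state where only root can read and write it. It assumes GNU coreutils `stat -c` as shipped on RHEL 5/6, and that the changelog of the patched rhncfg-client build names the CVE (an assumption about Red Hat's packaging practice, so a miss is reported as "check manually" rather than as a finding). All function names are this example's own.

```shell
#!/bin/sh
# Added example, not part of the Red Hat advisory or the AusCERT bulletin.
# Audits a host for the CVE-2012-2679 condition (world-readable
# /var/log/rhncfg-actions) and for the state the update enforces
# (readable and writable by root only). Assumes GNU coreutils `stat -c`
# as on RHEL 5/6; the function names below are this example's own.

LOG_FILE=/var/log/rhncfg-actions

# Last three octal digits of a mode string ("0644" -> "644", "600" -> "600").
perm_digits() {
    printf '%s' "$1" | tail -c 3
}

# 0 when the mode grants nothing to group or other, i.e. the post-update
# state of the log (0600). Ownership is checked separately in audit_log.
mode_is_private() {
    d=$(perm_digits "$1")
    [ "$(printf '%s' "$d" | cut -c2)" = 0 ] &&
    [ "$(printf '%s' "$d" | cut -c3)" = 0 ]
}

# 0 when the "other" digit carries the read bit (4): the pre-update state
# that let any local account read rhncfg-client action output.
mode_is_world_readable() {
    case $(perm_digits "$1" | cut -c3) in
        4|5|6|7) return 0 ;;
        *)       return 1 ;;
    esac
}

# 0 when the file on disk has a private mode (owner not considered here so
# the function can be exercised on files created by a non-root user).
file_mode_ok() {
    mode_is_private "$(stat -c '%a' "$1")"
}

# Print one finding line for the log file; return 1 if it is exposed.
audit_log() {
    path=${1:-$LOG_FILE}
    if [ ! -e "$path" ]; then
        echo "MISSING    $path (no actions logged yet, or client absent)"
        return 0
    fi
    mode=$(stat -c '%a' "$path")
    owner=$(stat -c '%U' "$path")
    if mode_is_world_readable "$mode"; then
        echo "VULNERABLE $path mode=$mode owner=$owner (CVE-2012-2679)"
        return 1
    fi
    if ! mode_is_private "$mode" || [ "$owner" != root ]; then
        echo "WEAK       $path mode=$mode owner=$owner (expected 600, owner root)"
        return 1
    fi
    echo "OK         $path mode=$mode owner=$owner"
}

# Report whether the installed rhncfg-client changelog cites the CVE.
# Assumption: the RHSA build's changelog names CVE-2012-2679; if it does
# not, the result is "check manually", not a confirmed finding.
# Returns 0 patched, 1 unconfirmed, 2 skipped.
client_patched() {
    command -v rpm >/dev/null 2>&1 || { echo "SKIP       rpm not available"; return 2; }
    rpm -q rhncfg-client >/dev/null 2>&1 || { echo "SKIP       rhncfg-client not installed"; return 2; }
    if rpm -q --changelog rhncfg-client | grep -q 'CVE-2012-2679'; then
        echo "PATCHED    $(rpm -q rhncfg-client)"
        return 0
    fi
    echo "CHECK      $(rpm -q rhncfg-client) (changelog does not cite CVE-2012-2679)"
    return 1
}

# Stand-alone run: non-zero exit only on an exposed log file.
status=0
audit_log "$LOG_FILE" || status=1
rc=0
client_patched || rc=$?
```

Run it as root on a host that has the RHN tools installed; a VULNERABLE line means the log is still world-readable and the rhncfg update from this advisory has not been applied (or the file was recreated with a permissive umask), and a WEAK line means the mode or owner differs from the 600/root state the advisory describes even though the world-read bit is clear.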