Red Hat Linux 6.2/6.1 Security Advisory

 
Package openldap-1.2.9-6

Synopsis New openldap packages

Advisory ID RHSA-2000:012-05

Issue Date 2000-04-13

Updated on 2000-04-21

Product Red Hat Linux

Keywords openldap startup symlink overwrite denial



1. Topic:

New openldap packages are available which fix a security vulnerability in Red Hat Linux 6.1 and 6.2.

2. Problem description:

OpenLDAP follows symbolic links when creating files. The default location for these files is /usr/tmp, which is a symlink to /tmp, which in turn is a world-writable directory. Local users can destroy the contents of any file on any mounted filesystem.

3. Bug IDs fixed: (see bugzilla for more information)

10714 - Insecure file creation using static files which follow symlinks.

4. Relevant releases/architectures:

    Red Hat Linux 6.1 - i386 alpha sparc
    Red Hat Linux 6.2 - i386 alpha sparc

5. Obsoleted by:

N/A

6. Conflicts with:

N/A

7. RPMs required:

Red Hat Linux 6.1:

Red Hat Linux 6.2:

8. Solution:

For each RPM for your particular architecture, run:

    rpm -Fvh [filename]

where filename is the name of the RPM.

Administrators with existing databases should also move their NEXTID and *.dbb files from /usr/tmp to /var/lib/ldap, and verify that the 'directory' setting in /etc/openldap/slapd.conf is changed accordingly.
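As an added example (not part of this advisory or of the OpenLDAP package), the following POSIX shell script checks the follow-up step described above: it reads the 'directory' directive from a slapd.conf, reports whether that directory sits in a shared world-writable location such as /usr/tmp (where any local user can pre-create a symlink named NEXTID or *.dbb before slapd opens the file), and lists leftover database files that should be moved to /var/lib/ldap. The slapd.conf syntax, the NEXTID and *.dbb file names and the /var/lib/ldap target are taken from the advisory text; the script name, its function names and the directory-permission rules it applies are assumptions of this example.

```shell
#!/bin/sh
# Added example, not Red Hat's or OpenLDAP's code: audit the slapd database
# directory after applying RHSA-2000:012. Usage:
#   sh audit-slapd.sh /etc/openldap/slapd.conf

# Print the argument of the first 'directory' directive (OpenLDAP 1.2 syntax:
# "directory /path"); text after '#' is treated as a comment.
slapd_db_directory() {
    sed -e 's/#.*$//' "$1" | awk '$1 == "directory" { print $2; exit }'
}

# Resolve symlinks in a directory path (e.g. /usr/tmp -> /tmp) with pwd -P;
# a path that does not exist is returned unchanged.
resolve_path() {
    { [ -d "$1" ] && (cd "$1" 2>/dev/null && pwd -P); } || printf '%s\n' "$1"
}

# Mode string from ls -ld, e.g. drwxrwxrwt: others_writable inspects the 9th
# character (write for "others"), is_sticky the 10th (sticky bit t/T).
others_writable() { case "$(ls -ld "$1" | cut -c1-10)" in ????????w?) return 0;; *) return 1;; esac; }
is_sticky()       { case "$(ls -ld "$1" | cut -c1-10)" in *[tT])      return 0;; *) return 1;; esac; }

# True for the shared temporary directories named in the advisory and /var/tmp.
is_shared_tmp() { case "$1" in /tmp|/tmp/|/usr/tmp|/usr/tmp/|/var/tmp|/var/tmp/) return 0;; *) return 1;; esac; }

# Exit 0 (unsafe) if slapd should not create files in this directory: it is a
# shared temp directory, it is itself world-writable, or an ancestor is
# world-writable without the sticky bit (so the directory entry itself could be
# swapped for a symlink by another user). Exit 1 otherwise.
db_dir_unsafe() {
    is_shared_tmp "$1" && return 0
    db="$(resolve_path "$1")"
    is_shared_tmp "$db" && return 0
    [ -d "$db" ] || return 1
    others_writable "$db" && return 0
    parent="$(dirname "$db")"
    while [ "$parent" != "/" ]; do
        if others_writable "$parent" && ! is_sticky "$parent"; then
            return 0
        fi
        parent="$(dirname "$parent")"
    done
    return 1
}

# Print the NEXTID and *.dbb files found directly in a directory, one per line.
leftover_db_files() {
    for f in "$1"/NEXTID "$1"/*.dbb; do
        [ -e "$f" ] && printf '%s\n' "$f"
    done
    return 0
}

# Audit one slapd.conf: exit 0 if the database directory looks acceptable,
# 1 if it is unsafe (listing leftover files) or if no directive was found.
audit_slapd_conf() {
    cfg_dir="$(slapd_db_directory "$1")"
    if [ -z "$cfg_dir" ]; then
        echo "$1: no 'directory' directive found"
        return 1
    fi
    if db_dir_unsafe "$cfg_dir"; then
        echo "$1: database directory $cfg_dir is in a world-writable location; move it to /var/lib/ldap"
        leftover_db_files "$cfg_dir" | sed 's/^/  leftover: /'
        return 1
    fi
    echo "$1: database directory $cfg_dir looks acceptable"
    return 0
}

# Audit every slapd.conf given on the command line.
if [ "$#" -gt 0 ]; then
    for c in "$@"; do audit_slapd_conf "$c"; done
fi
```

An exit status of 1 means the database directory still needs to be moved and the 'directory' line updated. The walk up the path matters because a world-writable ancestor without the sticky bit lets any user rename the database directory away and put a symlink in its place; /tmp itself is flagged only because slapd would write directly into it, since the sticky bit stops other users from replacing entries they do not own.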

9. Verification:

MD5 sum                           Package Name
-------------------------------------------------------------------------
fa79c61565a72407db4695ef8468a482  6.1/en/os/alpha/openldap-1.2.9-6.alpha.rpm
058c4aa63710da7490f98da4b3cad53d  6.1/en/os/i386/openldap-1.2.9-6.i386.rpm
17fbdb33172a7884f56b4fc746b1b763  6.1/en/os/SRPMS/openldap-1.2.9-6.src.rpm
816fccd85990833f7c5dfb7f2dc6e0a1  6.1/en/os/sparc/openldap-1.2.9-6.sparc.rpm
fa79c61565a72407db4695ef8468a482  6.2/en/os/alpha/openldap-1.2.9-6.alpha.rpm
816fccd85990833f7c5dfb7f2dc6e0a1  6.2/en/os/sparc/openldap-1.2.9-6.sparc.rpm
17fbdb33172a7884f56b4fc746b1b763  6.2/en/os/SRPMS/openldap-1.2.9-6.src.rpm
058c4aa63710da7490f98da4b3cad53d  6.2/en/os/i386/openldap-1.2.9-6.i386.rpm
 
These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:
http://www.redhat.com/about/contact.html

You can verify each package with the following command: rpm --checksig filename

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg filename

Note that you need RPM >= 3.0 to check GnuPG keys.

10. References:

Thanks also go to Stan Bubrouski for reporting this problem.