GnuPG setgid Root Group File Overwrite

2003-07-19T00:00:00
ID OSVDB:4905
Type osvdb
Reporter Gentoo(www@gentoo.org)
Modified 2003-07-19T00:00:00

Description

Vulnerability Description

GnuPG contains a flaw that may allow a malicious user to overwrite group root writeable files. The issue is triggered when GnuPG has the setgid bit set. It is possible that the flaw may allow improper overwriting of files, resulting in a loss of integrity and/or availability.

Technical Description

GnuPG must run with setuid privileges to be able to use protected memory space. However, on the Gentoo Linux distribution, GnuPG is incorrectly also running with the setgid bit, allowing it to be used to overwrite group root writeable files.

Solution Description

Upgrade to version 1.2.2-r1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

GnuPG contains a flaw that may allow a malicious user to overwrite group root writeable files. The issue is triggered when GnuPG has the setgid bit set. It is possible that the flaw may allow improper overwriting of files, resulting in a loss of integrity and/or availability.

References:

Vendor URL: http://www.gentoo.org/ Other Advisory URL: http://www.linuxsecurity.com/advisories/gentoo_advisory-3475.html Mail List Post: http://www.securityfocus.com/advisories/5614 Keyword: gnupg gentoo setgid overwrite GNU Privacy Guard 1.2.2 -r1 1.4 _rc1 1.4 _rc2 1.4 _rc3 ISS X-Force ID: 12699 Bugtraq ID: 8228