RHEL 2.1 / 3 : utempter (RHSA-2004:174)
Low Nessus Plugin ID 12490
SynopsisThe remote Red Hat host is missing a security update.
DescriptionAn updated utempter package that fixes a potential symlink vulnerability is now available.
Utempter is a utility that allows terminal applications such as xterm and screen to update utmp and wtmp without requiring root privileges.
Steve Grubb discovered a flaw in Utempter which allowed device names containing directory traversal sequences such as '/../'. In combination with an application that trusts the utmp or wtmp files, this could allow a local attacker the ability to overwrite privileged files using a symlink.
Users should upgrade to this new version of utempter, which fixes this vulnerability.
SolutionUpdate the affected utempter package.