USN-100-1: cdrecord vulnerability
Posted on: 03/24/2005 06:15 AM

A cdrecord security update is available for Ubuntu Linux 4.10

===========================================================
Ubuntu Security Notice USN-100-1 March 24, 2005
cdrtools vulnerability
http://bugs.debian.org/291376
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

cdrecord

The problem can be corrected by upgrading the affected package to version 4:2.0+a30.pre1-1ubuntu2.2. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Javier Fernendez-Sanguino Pefa noticed that cdrecord created temporary files in an insecure manner if DEBUG was enabled in /etc/cdrecord/rscsi. If the default value was used (which stored the debug output file in /tmp), this could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking cdrecord.

Please note that DEBUG is not enabled by default in Ubuntu, so if you did not explicitly enable it, this does not affect you.

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/cdrtools/cdrtools_2.0+a30
.pre1-1ubuntu2.2.diff.gz
Size/MD5: 106610 ecb116b3a798172cf2bacc0ea4da66ac
http://security.ubuntu.com/ubuntu/pool/main/c/cdrtools/cdrtools_2.0+a30
.pre1-1ubuntu2.2.dsc
Size/MD5: 767 62cb5678e5acb26ae30af99f932d518f
http://security.ubuntu.com/ubuntu/pool/main/c/cdrtools/cdrtools_2.0+a30
.pre1.orig.tar.gz
Size/MD5: 1703614 082abd117c60736d059ffec0997ca841

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/cdrtools/cdrtools-doc_2.0
+a30.pre1-1ubuntu2.2_all.deb
Size/MD5: 263578 d0637afd43c64ac57a1a2f723c76b315

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/c/cdrtools/cdda2wav_2.0
+a30.pre1-1ubuntu2.2_amd64.deb
Size/MD5: 167916 14e2eacf9cbf98ea359e054a2b4973eb
http://security.ubuntu.com/ubuntu/pool/main/c/cdrtools/cdrecord_2.0+a30
.pre1-1ubuntu2.2_amd64.deb
Size/MD5: 587930 0885cf227459e4965c5fe15d3460b0ab
http://security.ubuntu.com/ubuntu/pool/main/c/cdrtools/mkisofs_2.0+a30.
pre1-1ubuntu2.2_amd64.deb
Size/MD5: 345540 fc3bf20dc1ee51adb4d06220d5be5af6

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/c/cdrtools/cdda2wav_2.0
+a30.pre1-1ubuntu2.2_i386.deb
Size/MD5: 150710 51913b96e540e9d7716f532081390dcc
http://security.ubuntu.com/ubuntu/pool/main/c/cdrtools/cdrecord_2.0+a30
.pre1-1ubuntu2.2_i386.deb
Size/MD5: 544086 da2c20b5e9805e7328a5717a3cec8e76
http://security.ubuntu.com/ubuntu/pool/main/c/cdrtools/mkisofs_2.0+a30.
pre1-1ubuntu2.2_i386.deb
Size/MD5: 306926 8085524e3defd5e9aa21cf8f379f311c

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/c/cdrtools/cdda2wav_2.0
+a30.pre1-1ubuntu2.2_powerpc.deb
Size/MD5: 167712 01103ab30ed47382880b3003a77a3e8c
http://security.ubuntu.com/ubuntu/pool/main/c/cdrtools/cdrecord_2.0+a30
.pre1-1ubuntu2.2_powerpc.deb
Size/MD5: 591270 d4153964a3c477115678032e44a84b3c
http://security.ubuntu.com/ubuntu/pool/main/c/cdrtools/mkisofs_2.0+a30.
pre1-1ubuntu2.2_powerpc.deb
Size/MD5: 348888 94e52829ee12a455517bfae4f88273ea


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_100_1_cdrecord_vulnerability.html)