Detections
Analytics
RHEL 2.1 : sharutils (RHSA-2003:180)
high Nessus Plugin ID 12398
Synopsis
The remote Red Hat host is missing a security update.Description
Updated packages for sharutils which fix potential privilege escalation using the uudecode utility are available.The sharutils package contains a set of tools for encoding and decoding packages of files in binary or text format.
The uudecode utility creates an output file without checking to see if it was about to write to a symlink or a pipe. If a user uses uudecode to extract data into open shared directories, such as /tmp, this vulnerability could be used by a local attacker to overwrite files or lead to privilege escalation.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2002-0178 to this issue.
Users are advised to upgrade to these errata sharutils packages which contain a version of uudecode that has been patched to check for an existing pipe or symlink output file.
Solution
Update the affected sharutils package.See Also
https://access.redhat.com/security/cve/cve-2002-0178
http://www.aerasec.de/security/index.html?id=ae-200204-033〈=en
Plugin Details
Severity: High
ID: 12398
File Name: redhat-RHSA-2003-180.nasl
Version: 1.21
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 7/6/2004
Updated: 1/14/2021
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.2
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/o:redhat:enterprise_linux:2.1, p-cpe:/a:redhat:enterprise_linux:sharutils
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Patch Publication Date: 5/23/2003
Vulnerability Publication Date: 5/29/2002
Reference Information
CVE: CVE-2002-0178
RHSA: 2003:180