[Secure-testing-team] Bug#582798: dhcp3-client: dhclient changed the permissions of /etc/resolv.conf to -rw-rw-rw-
Vincent Lefevre
vincent at vinc17.net
Sun May 23 18:09:53 UTC 2010
Package: dhcp3-client
Version: 3.1.3-2
Severity: critical
Tags: security
Justification: root security hole
I've just seen:

$ ll /etc/resolv.conf
-rw-rw-rw- 1 root root 23 2010-05-23 08:40:05 /etc/resolv.conf

allowing modification by any user.

/etc/resolv.conf was last modified by dhclient, and AFAIK, it is the
only one that modifies this file.
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.31-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
Versions of packages dhcp3-client depends on:
ii debconf [debconf-2.0] 1.5.32 Debian configuration management sy
ii debianutils 3.2.3 Miscellaneous utilities specific t
ii dhcp3-common 3.1.3-2 common files used by all the dhcp3
ii libc6 2.10.2-9 Embedded GNU C Library: Shared lib
dhcp3-client recommends no packages.
Versions of packages dhcp3-client suggests:
ii avahi-autoipd 0.6.25-3 Avahi IPv4LL network address confi
pn resolvconf <none> (no description available)
-- Configuration Files:
/etc/dhcp3/dhclient.conf changed:
option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
prepend domain-name-servers 127.0.0.1;
request subnet-mask, broadcast-address, time-offset, routers,
domain-name, domain-name-servers, domain-search, host-name,
netbios-name-servers, netbios-scope, interface-mtu,
rfc3442-classless-static-routes, ntp-servers;
-- debconf information:
dhcp3-client/dhclient-needs-restarting:
dhcp3-client/dhclient-script_moved: