Executive Summary
| Summary | |
|---|---|
| Title | acpid security update |
| Informations | |||
|---|---|---|---|
| Name | RHSA-2009:1642 | First vendor Publication | 2009-12-07 |
| Vendor | RedHat | Last vendor Modification | 2009-12-07 |
| Severity (Vendor) | Important | Revision | 02 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 6.9 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 3.4 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Problem Description: An updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: acpid is a daemon that dispatches ACPI (Advanced Configuration and Power Interface) events to user-space programs. It was discovered that acpid could create its log file ("/var/log/acpid") with random permissions on some systems. A local attacker could use this flaw to escalate their privileges if the log file was created as world-writable and with the setuid or setgid bit set. (CVE-2009-4033) Please note that this flaw was due to a Red Hat-specific patch (acpid-1.0.4-fd.patch) included in the Red Hat Enterprise Linux 5 acpid package. Users are advised to upgrade to this updated package, which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 515062 - /var/log/acpid has improper permissions 542926 - CVE-2009-4033 acpid: log file created with random permissions |
Original Source
| Url : https://rhn.redhat.com/errata/RHSA-2009-1642.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10555 | |||
| Oval ID: | oval:org.mitre.oval:def:10555 | ||
| Title: | A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this file, or gain privileges by executing this file. | ||
| Description: | A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this file, or gain privileges by executing this file. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-4033 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:13771 | |||
| Oval ID: | oval:org.mitre.oval:def:13771 | ||
| Title: | DSA-1960-1 acpid -- programming error | ||
| Description: | It was discovered that acpid, the Advanced Configuration and Power Interface event daemon, on the oldstable distribution creates its log file with weak permissions, which might expose sensible information or might be abused by a local user to consume all free disk space on the same partition of the file. For the oldstable distribution, this problem has been fixed in version 1.0.4-5etch2. The stable distribution in version 1.0.8-1lenny2 and the unstable distribution in version 1.0.10-5, have been updated to fix the weak file permissions of the log file created by older versions. We recommend that you upgrade your acpid packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1960-1 CVE-2009-4235 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | acpid |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23013 | |||
| Oval ID: | oval:org.mitre.oval:def:23013 | ||
| Title: | ELSA-2009:1642: acpid security update (Important) | ||
| Description: | A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this file, or gain privileges by executing this file. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2009:1642-02 CVE-2009-4033 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | acpid |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:29263 | |||
| Oval ID: | oval:org.mitre.oval:def:29263 | ||
| Title: | RHSA-2009:1642 -- acpid security update (Important) | ||
| Description: | An updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2009:1642 CESA-2009:1642-CentOS 5 CVE-2009-4033 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | acpid |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:7329 | |||
| Oval ID: | oval:org.mitre.oval:def:7329 | ||
| Title: | DSA-1960 acpid -- programming error | ||
| Description: | It was discovered that acpid, the Advanced Configuration and Power Interface event daemon, on the oldstable distribution creates its log file with weak permissions, which might expose sensitive information or might be abused by a local user to consume all free disk space on the same partition of the file. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1960 CVE-2009-4235 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | acpid |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-08-09 | Name : CentOS Update for acpid CESA-2009:1642 centos5 i386 File : nvt/gb_CESA-2009_1642_acpid_centos5_i386.nasl |
| 2009-12-30 | Name : Debian Security Advisory DSA 1960-1 (acpid) File : nvt/deb_1960_1.nasl |
| 2009-12-30 | Name : Mandriva Security Advisory MDVSA-2009:342 (acpid) File : nvt/mdksa_2009_342.nasl |
| 2009-12-30 | Name : CentOS Security Advisory CESA-2009:1642 (acpid) File : nvt/ovcesa2009_1642.nasl |
| 2009-12-10 | Name : RedHat Security Advisory RHSA-2009:1642 File : nvt/RHSA_2009_1642.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 60870 | acpid /var/log/acpid umask Permission Weakness |
| 60851 | acpid Open Function /var/log/acpid Permission Weakness Local Privilege Escala... |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2009-12-17 | IAVM : 2009-A-0135 - Red Hat Local Privilege Escalation Vulnerability Severity : Category II - VMSKEY : V0022104 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2009-0037.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2009-1642.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20091207_acpid_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1960.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2009-1642.nasl - Type : ACT_GATHER_INFO |
| 2009-12-28 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2009-343.nasl - Type : ACT_GATHER_INFO |
| 2009-12-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-1642.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:53:05 |
|
