Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Linux :: SUSE :: suse73.txt

javarunt SuSE Linux 7.3 Sym Link attack

Affected: SuSE Linux 7.3Pro
Not affected: SuSE Linux 8.2Pro, non-SuSE distributions
Possibly affected: other SuSE distributions
Vulnerable package: javarunt

Impact: Local user can gain root privileges
Exploit type: Symlink attack
Release date: October 6th 2003
Vendor status: SuSE was contacted on September 4th (> 1 month ago).
No SuSE-patch yet.

A symlink vulnerability exists in the shell script 
/sbin/conf.d/SuSEconfig.javarunt. This file is part of the package "javarunt" 
(Java runtime environment).

This vulnerability can be used by a local attacker to gain root privileges. An 
exploit has already been written by me, but I will not release it before 
October 20th.

As there is no SuSE patch available yet, you will have to fix this yourself. 
You can use the following quick'n'dirty patch to fix the issue. Note however 
that I am NOT responsible if you mess up your system! You should know what 
you're doing!

In the mentioned script you should replace _every_ occurrence of


with the following:


Again, this is not pretty but it should work.

This advisory, contact information and the exploit can be found at 

Beware of he, who would deny you access to information. For in his heart, he 
dreams himself your master.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2020 AOH