---------------------------------------------------------------------- Did you know? Our assessment and impact rating along with detailed information such as exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list? Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Ubuntu update for dash SECUNIA ADVISORY ID: SA34205 VERIFY ADVISORY: http://secunia.com/advisories/34205/ DESCRIPTION: Ubuntu has acknowledged a security issue in dash, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to dash sourcing the ".profile" file from the current working directory when being started as login shell, which can be exploited to execute arbitrary shell commands with the privileges of another user by e.g. tricking a victim into starting a dash login shell in a directory containing a malicious ".profile" file. SOLUTION: Apply updated packages. -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-8ubuntu1.1.diff.gz Size/MD5: 171656 5f74e0a922546193a9e6279ad8680c76 http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-8ubuntu1.1.dsc Size/MD5: 697 e78236937fea17c0c7a43427321b1ce6 http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4.orig.tar.gz Size/MD5: 212145 bc457e490a589d2f87f2333616b67931 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/d/dash/ash_0.5.4-8ubuntu1.1_all.deb Size/MD5: 22068 82557822348627c1b240069e431886e2 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-8ubuntu1.1_amd64.deb Size/MD5: 96918 b8d43124e5353042c7fd93fcc5c19cc9 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-8ubuntu1.1_i386.deb Size/MD5: 87952 6bc4578aea92450f8e00625fd7a7755a lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-8ubuntu1.1_lpia.deb Size/MD5: 88194 a90de1a5dedb9cbaeb65537e8e933356 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-8ubuntu1.1_powerpc.deb Size/MD5: 97400 5e2187820648d980b4edaa4e4a71b6c5 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-8ubuntu1.1_sparc.deb Size/MD5: 91072 dc5e22376445e185eacdaa049421c866 -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-9ubuntu1.1.diff.gz Size/MD5: 129759 b5363e9ff9550e89dec4be8ddc408607 http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-9ubuntu1.1.dsc Size/MD5: 1083 dc87a11f64c53960ffb1f55dc42a253f http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4.orig.tar.gz Size/MD5: 212145 bc457e490a589d2f87f2333616b67931 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/d/dash/ash_0.5.4-9ubuntu1.1_all.deb Size/MD5: 22286 9a34d34a67d46b8fa42584a2a7d61f76 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-9ubuntu1.1_amd64.deb Size/MD5: 99406 8703819fce4bc25f65caa350de05763c i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-9ubuntu1.1_i386.deb Size/MD5: 90266 9d8931f5ef08f4d649127db0ab644f8e lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-9ubuntu1.1_lpia.deb Size/MD5: 90322 a0db897e7a7c5a7706d71674bad025ee powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-9ubuntu1.1_powerpc.deb Size/MD5: 99500 a583f4a7fc59a7495cb3615c4af54b05 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-9ubuntu1.1_sparc.deb Size/MD5: 93030 1bd3a8c0907e56cb2ed17c572e61842b PROVIDED AND/OR DISCOVERED BY: Wolfgang M. Reimer ORIGINAL ADVISORY: USN-732-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2009-March/000857.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------