Rapid7 Vulnerability & Exploit Database

RHSA-2002:148: Updated Tcl/Tk packages fix local vulnerability


Severity: 7
CVSS: (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published: 07/19/2001
Created: 07/25/2018
Added: 10/28/2005
Modified: 07/04/2017

Description

Updated Tcl/Tk packages for Red Hat Linux 7 and 7.1 fix two local vulnerabilities. [Updated 16 April 2003] Added packages for Red Hat Linux on IBM iSeries and pSeries systems.

The Tcl/Tk development environment comprises a number of applications: tcl, tk, tix, tclX, expect, and itcl. The expect application, prior to version 5.32, searched for its libraries in /var/tmp before searching in other directories. Because /var/tmp is world-writable, a local user could place a Trojan horse library there and gain root privileges by getting the root user to run mkpasswd (an expect script shipped with the package). The tcl/tk package searched for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code by placing a Trojan horse library in a user-controlled directory and waiting for a more privileged user to run a Tcl program from that directory. These issues affect Red Hat Linux versions 7 and 7.1; they were fixed in later Red Hat releases. All users should upgrade to the errata packages, which are not vulnerable to these issues.

Solution(s)

  • redhat-upgrade-expect
  • redhat-upgrade-itcl
  • redhat-upgrade-tcl
  • redhat-upgrade-tcllib
  • redhat-upgrade-tclx
  • redhat-upgrade-tix
  • redhat-upgrade-tk
