Family: Red Hat Local Security Checks --> Category: infos
RHSA-2004-174: utempter Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the utempter packages
Detailed Explanation for this Vulnerability Test
An updated utempter package that fixes a potential symlink vulnerability is
Utempter is a utility that allows terminal applications such as xterm and
screen to update utmp and wtmp without requiring root rights.
Steve Grubb discovered a flaw in Utempter which allowed device names
containing directory traversal sequences such as '/../'. In combination
with an application that trusts the utmp or wtmp files, this could allow a
local attacker to overwrite privileged files using a symlink.
Users should upgrade to this new version of utempter, which fixes this
Solution : http://rhn.redhat.com/errata/RHSA-2004-174.html
Threat Level: High