OpenBSD vi.recover Denial of Service Issue May Let Local Users Delete Zero-Length Files on the System - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Generic) > Vi.recover

Vendors: OpenBSD

OpenBSD vi.recover Denial of Service Issue May Let Local Users Delete Zero-Length Files on the System

SecurityTracker Alert ID: 1002747

SecurityTracker URL: http://securitytracker.com/id/1002747

CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)

Date: Nov 14 2001

Impact: Denial of service via local system

Fix Available: Yes Vendor Confirmed: Yes

Description: OpenBSD reported a problem in the vi.recover script that could allow a local user to delete certain files on the system.

It is reported that a security issue exists with the /usr/libexec/vi.recover script that may allow a local user to remove arbitrary zero-length files.

No further details were provided.

The vendor credits lumpy@the.whole.net for reporting the problem.

Impact: A local user could delete (remove) arbitrary zero-length files on the system.

Solution: The vulnerability has been fixed in OpenBSD-current, the 3.0 patch branch (aka 3.0-stable). The fix will be committed shortly to the 2.9 branch (aka 2.9-stable).

The vendor has also released a patch to fix the problem:

For OpenBSD-2.9:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/016_recover.patch

For OpenBSD-3.0
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/007_recover.patch

Vendor URL: www.openbsd.org/ (Links to External Site)

Cause: Not specified

Underlying OS: UNIX (OpenBSD)

Message History: None.

Source Message Contents

Date: Wed, 14 Nov 2001 05:40:31 -0700
Subject: security issue with /usr/libexec/vi.recover


A security issue exists with the /usr/libexec/vi.recover script
that could allow an attacker to remove arbitrary zero-length files.

This problem is fixed in OpenBSD-current, the 3.0 patch branch (aka
3.0-stable).  The fix will be committed shortly to the 2.9 branch
(aka 2.9-stable).

A patch exists to fix the problem:

For OpenBSD-2.9:
    ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/016_recover.patch

For OpenBSD-3.0
    ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/007_recover.patch

Thanks to lumpy@the.whole.net for notifying us of the problem.

 - todd

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC