Linux Today: Linux News On Internet Time.






Gentoo Linux Advisories: nss_ldap, net-snmp, heimdal

Oct 14, 2002, 20:29


- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT
- - --------------------------------------------------------------------

PACKAGE        :nss_ldap
SUMMARY        :Buffer overflow
DATE           :2002-10-13 12:45 UTC

- - --------------------------------------------------------------------

Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 
allows remote attackers to cause a denial of service and possibly 
execute arbitrary code.

DETAIL

When versions of nss_ldap prior to nss_ldap-198 are configured 
without a value for the "host" setting, nss_ldap will attempt to 
configure itself by using SRV records stored in DNS.  When parsing the 
results of the DNS query, nss_ldap does not check that the data 
returned by the server will fit into an internal buffer, leaving it 
vulnerable to a buffer overflow. The Common Vulnerabilities and 
Exposures project (cve.mitre.org/) has assigned the name CAN-2002-0825 
to this issue.

When versions of nss_ldap prior to nss_ldap-199 are configured 
without a value for the "host" setting, nss_ldap will attempt to 
configure itself by using SRV records stored in DNS.  When parsing 
the results of the DNS query, nss_ldap does not check that the data 
returned has not been truncated by the resolver libraries to avoid a 
buffer overflow, and may attempt to parse more data than is actually 
available, leaving it vulnerable to a read buffer overflow.
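
The two checks described above, a write-side bound on the internal buffer and a read-side bound on a possibly truncated answer, shown as an added C example; this is not nss_ldap's code. The function names, the restriction to uncompressed names, the sample record and the assumption that the resolver can report a length larger than the buffer it filled are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Copy an uncompressed DNS name at msg[off] into out as dotted text.
 * Returns 0, or -1 if it runs past msglen or does not fit in out. */
static int copy_name(const unsigned char *msg, size_t msglen, size_t off,
                     char *out, size_t outsize)
{
    size_t used = 0;
    if (outsize == 0) return -1;
    for (;;) {
        if (off >= msglen) return -1;            /* length byte missing */
        size_t n = msg[off++];
        if (n == 0) break;                       /* root label ends the name */
        if (n > 63) return -1;                   /* compression not handled here */
        if (n > msglen - off) return -1;         /* read side: label cut short */
        size_t need = n + (used ? 1 : 0) + 1;    /* dot, label, NUL */
        if (need > outsize - used) return -1;    /* write side: would overflow */
        if (used) out[used++] = '.';
        memcpy(out + used, msg + off, n);
        used += n; off += n;
    }
    out[used] = '\0';
    return 0;
}

/* SRV RDATA layout: priority(2) weight(2) port(2) target name.
 * bufsize is the answer buffer size, reported is the resolver's length. */
static int srv_target(const unsigned char *msg, size_t bufsize, int reported,
                      size_t rdata_off, char *host, size_t hostsize, unsigned *port)
{
    size_t len = reported < 0 ? 0 : (size_t)reported;
    if (len > bufsize) len = bufsize;            /* clamp a truncated answer */
    if (rdata_off > len || len - rdata_off < 6) return -1;
    *port = ((unsigned)msg[rdata_off + 4] << 8) | msg[rdata_off + 5];
    return copy_name(msg, len, rdata_off + 6, host, hostsize);
}

/* Constructed sample RDATA: priority 10, weight 5, port 389, ldap.example */
static const unsigned char sample[] = { 0, 10, 0, 5, 0x01, 0x85,
    4, 'l','d','a','p', 7, 'e','x','a','m','p','l','e', 0 };

int main(void)
{
    char host[64]; unsigned port = 0;
    if (srv_target(sample, sizeof sample, 512, 0, host, sizeof host, &port) == 0)
        printf("%s:%u\n", host, port);
    return 0;
}
```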

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-libs/nss_ldap-174-r2 and earlier update their systems
as follows:

emerge rsync
emerge nss_ldap
emerge clean

- - --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- - --------------------------------------------------------------------

- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT
- - --------------------------------------------------------------------

PACKAGE        :net-snmp
SUMMARY        :Denial of service
DATE           :2002-10-14 08:00 UTC

- - --------------------------------------------------------------------

The SNMP daemon included in the Net-SNMP package can be crashed 
if it attempts to process a specially crafted packet. Exploitation
requires foreknowledge of a known SNMP community string (either
read or read/write). This issue potentially affects any Net-SNMP
installation in which the "public" read-only community string has not
been changed.

Read the full advisory at
http://www.idefense.com/advisory/10.02.02.txt

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-analyzer/net-snmp-5.0.2a and earlier update their systems
as follows:

emerge rsync
emerge net-snmp
emerge clean

- - --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- - --------------------------------------------------------------------

- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT
- - --------------------------------------------------------------------

PACKAGE : heimdal
SUMMARY : remote command execution
EXPLOIT : remote
DATE    : 2002-10-14 15:30 UTC

- - --------------------------------------------------------------------

From www.pdc.kth.se/heimdal:

Kf and kfd are used to forward credentials in a stand-alone fashion. 
Work on them never really finished, and in releases earlier than 
Heimdal 0.5 they had multiple security issues, including possible 
buffer overruns. Their use has never been recommended. 

SOLUTION

It is recommended that all Gentoo Linux users who are running
app-crypt/heimdal-0.4e and earlier update their systems
as follows:

emerge rsync
emerge heimdal
emerge clean

- - --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- - --------------------------------------------------------------------