--------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated glibc packages fix vulnerabilities in resolver Advisory ID: RHSA-2002:197-06 Issue date: 2002-09-10 Updated on: 2002-10-03 Product: Red Hat Linux Keywords: glibc resolv DNS Cross references: Obsoletes: RHSA-2002:166-07 CVE Names: CAN-2002-1146 --------------------------------------------------------------------- 1. Topic: Updated glibc packages are available to fix a buffer overflow in the resolver. 2. Relevant releases/architectures: Red Hat Linux 6.2 - alpha, i386, sparc, sparcv9 Red Hat Linux 7.0 - alpha, alphaev6, i386, i686 Red Hat Linux 7.1 - alpha, alphaev6, i386, i686, ia64 Red Hat Linux 7.2 - i386, i686, ia64 Red Hat Linux 7.3 - i386, i686 3. Problem description: The GNU C library package, glibc, contains standard libraries which are used by multiple programs on the system. A read buffer overflow vulnerability exists in the glibc resolver code in versions of glibc up to and including 2.2.5. The vulnerability is triggered by DNS packets larger than 1024 bytes and can cause applications to crash. All Red Hat Linux users are advised to upgrade to these errata packages which contain a patch to correct this vulnerability. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory only contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. 
To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. RPMs required: Red Hat Linux 6.2: SRPMS: ftp://updates.redhat.com/6.2/en/os/SRPMS/glibc-2.1.3-27.src.rpm alpha: ftp://updates.redhat.com/6.2/en/os/alpha/glibc-2.1.3-27.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/glibc-devel-2.1.3-27.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/glibc-profile-2.1.3-27.alpha.rpm ftp://updates.redhat.com/6.2/en/os/alpha/nscd-2.1.3-27.alpha.rpm i386: ftp://updates.redhat.com/6.2/en/os/i386/glibc-2.1.3-27.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/glibc-devel-2.1.3-27.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/glibc-profile-2.1.3-27.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/nscd-2.1.3-27.i386.rpm sparc: ftp://updates.redhat.com/6.2/en/os/sparc/glibc-2.1.3-27.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/glibc-devel-2.1.3-27.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/glibc-profile-2.1.3-27.sparc.rpm ftp://updates.redhat.com/6.2/en/os/sparc/nscd-2.1.3-27.sparc.rpm sparcv9: ftp://updates.redhat.com/6.2/en/os/sparcv9/glibc-2.1.3-27.sparcv9.rpm Red Hat Linux 7.0: SRPMS: ftp://updates.redhat.com/7.0/en/os/SRPMS/glibc-2.2.4-18.7.0.7.src.rpm alpha: ftp://updates.redhat.com/7.0/en/os/alpha/glibc-2.2.4-18.7.0.7.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/glibc-common-2.2.4-18.7.0.7.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/glibc-devel-2.2.4-18.7.0.7.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/glibc-profile-2.2.4-18.7.0.7.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/nscd-2.2.4-18.7.0.7.alpha.rpm alphaev6: ftp://updates.redhat.com/7.0/en/os/alphaev6/glibc-2.2.4-18.7.0.7.alphaev6.rpm i386: ftp://updates.redhat.com/7.0/en/os/i386/glibc-2.2.4-18.7.0.7.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/glibc-common-2.2.4-18.7.0.7.i386.rpm 
ftp://updates.redhat.com/7.0/en/os/i386/glibc-devel-2.2.4-18.7.0.7.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/glibc-profile-2.2.4-18.7.0.7.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/nscd-2.2.4-18.7.0.7.i386.rpm i686: ftp://updates.redhat.com/7.0/en/os/i686/glibc-2.2.4-18.7.0.7.i686.rpm Red Hat Linux 7.1: SRPMS: ftp://updates.redhat.com/7.1/en/os/SRPMS/glibc-2.2.4-30.src.rpm alpha: ftp://updates.redhat.com/7.1/en/os/alpha/glibc-2.2.4-30.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/glibc-common-2.2.4-30.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/glibc-devel-2.2.4-30.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/glibc-profile-2.2.4-30.alpha.rpm ftp://updates.redhat.com/7.1/en/os/alpha/nscd-2.2.4-30.alpha.rpm alphaev6: ftp://updates.redhat.com/7.1/en/os/alphaev6/glibc-2.2.4-30.alphaev6.rpm i386: ftp://updates.redhat.com/7.1/en/os/i386/glibc-2.2.4-30.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/glibc-common-2.2.4-30.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/glibc-devel-2.2.4-30.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/glibc-profile-2.2.4-30.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/nscd-2.2.4-30.i386.rpm i686: ftp://updates.redhat.com/7.1/en/os/i686/glibc-2.2.4-30.i686.rpm ia64: ftp://updates.redhat.com/7.1/en/os/ia64/glibc-2.2.4-30.ia64.rpm ftp://updates.redhat.com/7.1/en/os/ia64/glibc-common-2.2.4-30.ia64.rpm ftp://updates.redhat.com/7.1/en/os/ia64/glibc-devel-2.2.4-30.ia64.rpm ftp://updates.redhat.com/7.1/en/os/ia64/glibc-profile-2.2.4-30.ia64.rpm ftp://updates.redhat.com/7.1/en/os/ia64/nscd-2.2.4-30.ia64.rpm Red Hat Linux 7.2: SRPMS: ftp://updates.redhat.com/7.2/en/os/SRPMS/glibc-2.2.4-30.src.rpm i386: ftp://updates.redhat.com/7.2/en/os/i386/glibc-2.2.4-30.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/glibc-common-2.2.4-30.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/glibc-devel-2.2.4-30.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/glibc-profile-2.2.4-30.i386.rpm 
ftp://updates.redhat.com/7.2/en/os/i386/nscd-2.2.4-30.i386.rpm i686: ftp://updates.redhat.com/7.2/en/os/i686/glibc-2.2.4-30.i686.rpm ia64: ftp://updates.redhat.com/7.2/en/os/ia64/glibc-2.2.4-30.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/glibc-common-2.2.4-30.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/glibc-devel-2.2.4-30.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/glibc-profile-2.2.4-30.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/nscd-2.2.4-30.ia64.rpm Red Hat Linux 7.3: SRPMS: ftp://updates.redhat.com/7.3/en/os/SRPMS/glibc-2.2.5-40.src.rpm i386: ftp://updates.redhat.com/7.3/en/os/i386/glibc-2.2.5-40.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/glibc-common-2.2.5-40.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/glibc-debug-2.2.5-40.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/glibc-debug-static-2.2.5-40.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/glibc-devel-2.2.5-40.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/glibc-profile-2.2.5-40.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/glibc-utils-2.2.5-40.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/nscd-2.2.5-40.i386.rpm i686: ftp://updates.redhat.com/7.3/en/os/i686/glibc-2.2.5-40.i686.rpm ftp://updates.redhat.com/7.3/en/os/i686/glibc-debug-2.2.5-40.i686.rpm 6. 
Verification: MD5 sum Package Name -------------------------------------------------------------------------- 27f5218e46419359a40b4f922fac708f 6.2/en/os/SRPMS/glibc-2.1.3-27.src.rpm 91687dc0a92965c0952aff3a9f9ee04d 6.2/en/os/alpha/glibc-2.1.3-27.alpha.rpm 9ff78ba76d2203fa11db03f8c2b0b834 6.2/en/os/alpha/glibc-devel-2.1.3-27.alpha.rpm 88a35d7cbb2f6c81119a0acdafacd787 6.2/en/os/alpha/glibc-profile-2.1.3-27.alpha.rpm daca37c0404f91da1fd6c038c70051db 6.2/en/os/alpha/nscd-2.1.3-27.alpha.rpm 664e9cff01f8c3b35bbe2cdbbde17b1e 6.2/en/os/i386/glibc-2.1.3-27.i386.rpm 4271716ebddc71acc37651a6f8906f69 6.2/en/os/i386/glibc-devel-2.1.3-27.i386.rpm 8fb1ef1d21cb2cf35c5b599401690773 6.2/en/os/i386/glibc-profile-2.1.3-27.i386.rpm e1f6e18e3fa73093dfd8cc170e87d3b9 6.2/en/os/i386/nscd-2.1.3-27.i386.rpm fc76db1231720f03734fe6256f6af762 6.2/en/os/sparc/glibc-2.1.3-27.sparc.rpm 6e7d0e16a09f05abdf62e1a1e005a313 6.2/en/os/sparc/glibc-devel-2.1.3-27.sparc.rpm 693e5955ca3073fea984c121690b1bd5 6.2/en/os/sparc/glibc-profile-2.1.3-27.sparc.rpm f3615936ca1777f48a8283af9670de75 6.2/en/os/sparc/nscd-2.1.3-27.sparc.rpm 59292fccc060f69193158a82c30a61c9 6.2/en/os/sparcv9/glibc-2.1.3-27.sparcv9.rpm 2df1daf817b81557abf047ea1ec94d5f 7.0/en/os/SRPMS/glibc-2.2.4-18.7.0.7.src.rpm cbb0d99fa81339366beb3fb32f83996b 7.0/en/os/alpha/glibc-2.2.4-18.7.0.7.alpha.rpm 48fc7f5a5d425b697435ac7674a4443d 7.0/en/os/alpha/glibc-common-2.2.4-18.7.0.7.alpha.rpm 2814f400723645d3a39aed11c2731a04 7.0/en/os/alpha/glibc-devel-2.2.4-18.7.0.7.alpha.rpm 59830dc03427ae5506b0eeb35efac7a9 7.0/en/os/alpha/glibc-profile-2.2.4-18.7.0.7.alpha.rpm dec42bf0a0467193c9f4df6362a4ddec 7.0/en/os/alpha/nscd-2.2.4-18.7.0.7.alpha.rpm bd2c88f67ef4e96ebaf3d04c7e888968 7.0/en/os/alphaev6/glibc-2.2.4-18.7.0.7.alphaev6.rpm b3e8b7420767e681d5dd137eafa037df 7.0/en/os/i386/glibc-2.2.4-18.7.0.7.i386.rpm 6f5c2f785f0dd7fb02c2acb4f8ceac37 7.0/en/os/i386/glibc-common-2.2.4-18.7.0.7.i386.rpm bb4efd84395ac61c45f371fd15747634 
7.0/en/os/i386/glibc-devel-2.2.4-18.7.0.7.i386.rpm 5873afa8eaa92c50e9472f236e07a093 7.0/en/os/i386/glibc-profile-2.2.4-18.7.0.7.i386.rpm bb3102105a2e9368477662e694e3adfc 7.0/en/os/i386/nscd-2.2.4-18.7.0.7.i386.rpm 20cc366797699622e15d9bd61927e821 7.0/en/os/i686/glibc-2.2.4-18.7.0.7.i686.rpm 4618ac0d57fceb8b0db2cbfee5a10446 7.1/en/os/SRPMS/glibc-2.2.4-30.src.rpm 66e66c3bd655be6562b44431d3ef3e5b 7.1/en/os/alpha/glibc-2.2.4-30.alpha.rpm 7da3af162c10ce2a23b3e68a20dec3d5 7.1/en/os/alpha/glibc-common-2.2.4-30.alpha.rpm a4ed34c7b9e134485bb907fd5dfdba7d 7.1/en/os/alpha/glibc-devel-2.2.4-30.alpha.rpm f7818486c7ffd4f1b1c9cb65a5eda5f3 7.1/en/os/alpha/glibc-profile-2.2.4-30.alpha.rpm 22f28435b66b584d17626685d44c413e 7.1/en/os/alpha/nscd-2.2.4-30.alpha.rpm c1ceb01126a07fb23dfa41f8b6b2085a 7.1/en/os/alphaev6/glibc-2.2.4-30.alphaev6.rpm e78b00060a514030fa7f571608e71950 7.1/en/os/i386/glibc-2.2.4-30.i386.rpm dac9135a7e5da7a4d62483a7d4808193 7.1/en/os/i386/glibc-common-2.2.4-30.i386.rpm c37924d44b0af8d7b218901dca3dee7a 7.1/en/os/i386/glibc-devel-2.2.4-30.i386.rpm 808a047f041b4d8809f454822bf7f799 7.1/en/os/i386/glibc-profile-2.2.4-30.i386.rpm d3a0d948d9144e89662c242d6ccd1b39 7.1/en/os/i386/nscd-2.2.4-30.i386.rpm fa3ae3e65cb7e6cf9b60b1af7c64f6f5 7.1/en/os/i686/glibc-2.2.4-30.i686.rpm 6873a0f780b150a8834e016e9e44d5b5 7.1/en/os/ia64/glibc-2.2.4-30.ia64.rpm c9bc907d5ff684332b3b701ebb18a83b 7.1/en/os/ia64/glibc-common-2.2.4-30.ia64.rpm 04137ceb3d24bf6e37f7a04f5d2f7448 7.1/en/os/ia64/glibc-devel-2.2.4-30.ia64.rpm 425ae87389e089663d6e0009e292aed3 7.1/en/os/ia64/glibc-profile-2.2.4-30.ia64.rpm 15910bb8128e3a830606fb768b06374c 7.1/en/os/ia64/nscd-2.2.4-30.ia64.rpm 4618ac0d57fceb8b0db2cbfee5a10446 7.2/en/os/SRPMS/glibc-2.2.4-30.src.rpm e78b00060a514030fa7f571608e71950 7.2/en/os/i386/glibc-2.2.4-30.i386.rpm dac9135a7e5da7a4d62483a7d4808193 7.2/en/os/i386/glibc-common-2.2.4-30.i386.rpm c37924d44b0af8d7b218901dca3dee7a 7.2/en/os/i386/glibc-devel-2.2.4-30.i386.rpm 808a047f041b4d8809f454822bf7f799 
7.2/en/os/i386/glibc-profile-2.2.4-30.i386.rpm d3a0d948d9144e89662c242d6ccd1b39 7.2/en/os/i386/nscd-2.2.4-30.i386.rpm fa3ae3e65cb7e6cf9b60b1af7c64f6f5 7.2/en/os/i686/glibc-2.2.4-30.i686.rpm 6873a0f780b150a8834e016e9e44d5b5 7.2/en/os/ia64/glibc-2.2.4-30.ia64.rpm c9bc907d5ff684332b3b701ebb18a83b 7.2/en/os/ia64/glibc-common-2.2.4-30.ia64.rpm 04137ceb3d24bf6e37f7a04f5d2f7448 7.2/en/os/ia64/glibc-devel-2.2.4-30.ia64.rpm 425ae87389e089663d6e0009e292aed3 7.2/en/os/ia64/glibc-profile-2.2.4-30.ia64.rpm 15910bb8128e3a830606fb768b06374c 7.2/en/os/ia64/nscd-2.2.4-30.ia64.rpm 44492986c37d0b0d7209f0d031524d69 7.3/en/os/SRPMS/glibc-2.2.5-40.src.rpm a6f3971f1327a973011579961522d094 7.3/en/os/i386/glibc-2.2.5-40.i386.rpm 146296060bb7033e5657ee7d359da33a 7.3/en/os/i386/glibc-common-2.2.5-40.i386.rpm 9b6c54b07943ebe7879064752edbb6ec 7.3/en/os/i386/glibc-debug-2.2.5-40.i386.rpm b965e578070ba9a6c9aa7b7cee5ff258 7.3/en/os/i386/glibc-debug-static-2.2.5-40.i386.rpm c2dcbf9d83f6ae6e33e16c8f0ff02615 7.3/en/os/i386/glibc-devel-2.2.5-40.i386.rpm 4d87d114861530d2e8dd071baf181dac 7.3/en/os/i386/glibc-profile-2.2.5-40.i386.rpm a94156cb193b4620be6847903840ec9d 7.3/en/os/i386/glibc-utils-2.2.5-40.i386.rpm 7959b6bd999b93e1eafb4f5a5fe3faaa 7.3/en/os/i386/nscd-2.2.5-40.i386.rpm 2ddc1effba611839002e2c899951eeb2 7.3/en/os/i686/glibc-2.2.5-40.i686.rpm 756e7e8b66e30331a879970665bf777d 7.3/en/os/i686/glibc-debug-2.2.5-40.i686.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/about/contact/pgpkey.html You can verify each package with the following command: rpm --checksig <filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 7. References: http://www.kb.cert.org/vuls/id/738331 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1146 --------------------------------------------------------------------- Red Hat, Inc. 
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated nss_ldap packages fix buffer overflow
Advisory ID:       RHSA-2002:175-16
Issue date:        2002-08-12
Updated on:        2002-10-03
Product:           Red Hat Linux
Keywords:          nss_ldap dns automatic configuration MAXPACKET
Cross references:
Obsoletes:         RHSA-2002:084
CVE Names:         CAN-2002-0825 CAN-2002-0374
---------------------------------------------------------------------

1. Topic:

Updated nss_ldap packages are now available for Red Hat Linux 6.2, 7,
7.1, 7.2, and 7.3. These updates fix a potential buffer overflow which
can occur when nss_ldap is set to configure itself using information
stored in DNS, fix a format string bug in logging functions used in
pam_ldap, and make nss_ldap properly handle truncated DNS responses.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - alpha, i386, sparc
Red Hat Linux 7.0 - alpha, i386
Red Hat Linux 7.1 - alpha, i386, ia64
Red Hat Linux 7.2 - i386, ia64
Red Hat Linux 7.3 - i386

3. Problem description:

nss_ldap is a set of C library extensions that allow X.500 and LDAP
directory servers to be used as a primary source of aliases, ethers,
groups, hosts, networks, protocols, users, RPCs, services, and shadow
passwords (instead of or in addition to using flat files or NIS).

When versions of nss_ldap prior to nss_ldap-198 are configured without a
value for the "host" setting, nss_ldap will attempt to configure itself
by using SRV records stored in DNS. When parsing the results of the DNS
query, nss_ldap does not check that the data returned by the server will
fit into an internal buffer, leaving it vulnerable to a buffer overflow.
The Common Vulnerabilities and Exposures project (cve.mitre.org/) has
assigned the name CAN-2002-0825 to this issue.

When versions of nss_ldap prior to nss_ldap-199 are configured without a
value for the "host" setting, nss_ldap will attempt to configure itself
by using SRV records stored in DNS. When parsing the results of the DNS
query, nss_ldap does not check that the data returned has not been
truncated by the resolver libraries to avoid a buffer overflow, and may
attempt to parse more data than is actually available, leaving it
vulnerable to a read buffer overflow.

Versions of pam_ldap prior to version 144 include a format string bug in
the logging function. The packages included in this erratum update
pam_ldap to version 144, fixing this bug. The Common Vulnerabilities and
Exposures project (cve.mitre.org/) has assigned the name CAN-2002-0374 to
this issue.

All users of nss_ldap should update to these errata packages which are
not vulnerable to the above issues. The errata packages are based on
nss_ldap-189 with the addition of a backported security patch and
pam_ldap version 144.

Thanks to the nss_ldap and pam_ldap team at padl.com for providing
information about these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory only contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.
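The glibc resolver overflow in the advisory above and the truncated-answer case in section 3 of this advisory share one root cause: code that trusts the lengths carried inside a DNS message (ANCOUNT, RDLENGTH, label lengths, compression pointers) or the length a resolver call reports, instead of the number of bytes actually in hand. The parser below is an added example, not code from Red Hat, glibc or nss_ldap. It checks every read against the received buffer, rejects a reply whose TC flag says the server cut it short, and clamps a res_query-style answer to the caller's buffer before parsing. The packets it parses are constructed in the block for a made-up _ldap._tcp.example.com service; nothing is captured from a network.

```python
"""Bounds-checked parser for a DNS SRV answer (added example, not Red Hat,
glibc or nss_ldap code).  All packets below are constructed inline; the
example.com names are invented."""
import struct

SRV_TYPE = 33
TC_FLAG = 0x0200          # "truncated" bit in the header flags word


class DnsParseError(ValueError):
    """Raised instead of reading past the end of the received data."""


def _read_name(buf: bytes, off: int) -> tuple[str, int]:
    """Decode a possibly compressed name at off; return (name, resume offset).

    Every read is checked against len(buf).  Compression pointers must point
    backwards and the hop count is capped, so a pointer loop cannot spin."""
    labels, end_off, hops = [], None, 0
    while True:
        if off >= len(buf):
            raise DnsParseError("name runs past end of buffer")
        length = buf[off]
        if length == 0:                           # root label ends the name
            off += 1
            break
        if length & 0xC0 == 0xC0:                 # compression pointer
            if off + 1 >= len(buf):
                raise DnsParseError("truncated compression pointer")
            ptr = ((length & 0x3F) << 8) | buf[off + 1]
            if ptr >= off:
                raise DnsParseError("compression pointer does not point backwards")
            if end_off is None:                   # caller resumes after 1st pointer
                end_off = off + 2
            hops += 1
            if hops > 16:
                raise DnsParseError("too many compression hops")
            off = ptr
            continue
        if length > 63:
            raise DnsParseError("label longer than 63 octets")
        if off + 1 + length > len(buf):
            raise DnsParseError("label runs past end of buffer")
        try:
            labels.append(buf[off + 1:off + 1 + length].decode("ascii"))
        except UnicodeDecodeError as exc:
            raise DnsParseError("non-ASCII label") from exc
        off += 1 + length
    return ".".join(labels), (end_off if end_off is not None else off)


def parse_srv_response(buf: bytes) -> list[tuple[int, int, int, str]]:
    """Return [(priority, weight, port, target), ...] or raise DnsParseError.

    Header counts and RDLENGTH are never trusted beyond len(buf); a reply
    with TC set is refused because the UDP answer was cut short and must
    be re-fetched over TCP rather than parsed as-is."""
    if len(buf) < 12:
        raise DnsParseError("message shorter than the 12-byte header")
    _ident, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", buf[:12])
    if flags & TC_FLAG:
        raise DnsParseError("TC set: answer truncated by the server, retry over TCP")
    if flags & 0x000F:
        raise DnsParseError(f"server returned RCODE {flags & 0x000F}")
    off = 12
    for _ in range(qdcount):                      # skip the echoed question(s)
        _, off = _read_name(buf, off)
        if off + 4 > len(buf):
            raise DnsParseError("question runs past end of buffer")
        off += 4
    records = []
    for _ in range(ancount):
        _, off = _read_name(buf, off)
        if off + 10 > len(buf):
            raise DnsParseError("ANCOUNT claims more answers than were received")
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", buf[off:off + 10])
        off += 10
        if off + rdlen > len(buf):
            raise DnsParseError("RDLENGTH exceeds the data actually received")
        if rtype == SRV_TYPE:
            if rdlen < 7:
                raise DnsParseError("SRV RDATA too short")
            prio, weight, port = struct.unpack("!HHH", buf[off:off + 6])
            target, tend = _read_name(buf, off + 6)
            if tend > off + rdlen:
                raise DnsParseError("SRV target name overruns its RDATA")
            records.append((prio, weight, port, target))
        off += rdlen
    return records


def safe_parse(buf: bytes):
    """(records, None) on success, (None, reason) when the message is rejected."""
    try:
        return parse_srv_response(bytes(buf)), None
    except DnsParseError as exc:
        return None, str(exc)


def parse_resolver_answer(answer_buf: bytes, returned_len: int):
    """Parse only what a res_query()-style call actually stored in the caller's
    buffer.  Such calls copy at most len(answer_buf) bytes but report the full
    message length; trusting returned_len is the mistake described in this
    advisory, and clamping turns it into a parse error instead of an overread."""
    return safe_parse(answer_buf[:min(returned_len, len(answer_buf))])


# ---- constructed test data (not captured traffic) ----------------------------
def _encode_name(name: str) -> bytes:
    return b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in name.split(".")) + b"\x00"


def build_srv_response(qname: str, srvs, tc: bool = False) -> bytes:
    """Standard response (QR, RD, RA, RCODE 0) with one SRV answer per entry."""
    flags = 0x8180 | (TC_FLAG if tc else 0)
    msg = struct.pack("!HHHHHH", 0x1234, flags, 1, len(srvs), 0, 0)
    msg += _encode_name(qname) + struct.pack("!HH", SRV_TYPE, 1)
    for prio, weight, port, target in srvs:
        rdata = struct.pack("!HHH", prio, weight, port) + _encode_name(target)
        # 0xC00C is a pointer back to the question name at offset 12
        msg += b"\xc0\x0c" + struct.pack("!HHIH", SRV_TYPE, 1, 300, len(rdata)) + rdata
    return msg


SRV_RECORDS = [(0, 100, 389, "ldap1.example.com"), (10, 0, 636, "ldap2.example.com")]
FULL_RESPONSE = build_srv_response("_ldap._tcp.example.com", SRV_RECORDS)   # 114 bytes
TRUNCATED_RESPONSE = FULL_RESPONSE[:-5]            # last SRV RDATA cut short
TC_RESPONSE = build_srv_response("_ldap._tcp.example.com", SRV_RECORDS[:1], tc=True)
# question name "a" at offset 12 followed by a pointer back to offset 12: a loop
POINTER_LOOP = b"\x00\x01\x81\x80\x00\x01\x00\x00\x00\x00\x00\x00" + b"\x01a\xc0\x0c" + b"\x00\x21\x00\x01"

if __name__ == "__main__":
    print("complete :", safe_parse(FULL_RESPONSE))
    print("short    :", safe_parse(TRUNCATED_RESPONSE))
    print("TC set   :", safe_parse(TC_RESPONSE))
    print("loop     :", safe_parse(POINTER_LOOP))
    # 64-byte caller buffer: the resolver reports 114 bytes, only 64 were stored
    print("clamped  :", parse_resolver_answer(FULL_RESPONSE[:64], len(FULL_RESPONSE)))
```

The four failure cases map onto the two advisories: the short and clamped buffers are the "more data than is actually available" read overrun, the TC case is the server-side truncation that must be retried over TCP instead of parsed, and the pointer loop is the classic way a hostile reply makes a name decoder spin or walk off the message.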
5. RPMs required:

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/nss_ldap-189-3.6.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/nss_ldap-189-3.6.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/nss_ldap-189-3.6.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/nss_ldap-189-3.6.sparc.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/nss_ldap-189-3.7.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/nss_ldap-189-3.7.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/nss_ldap-189-3.7.i386.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/nss_ldap-189-3.7.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/nss_ldap-189-3.7.alpha.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/nss_ldap-189-3.7.i386.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/nss_ldap-189-3.7.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/nss_ldap-189-4.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/nss_ldap-189-4.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/nss_ldap-189-4.ia64.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/nss_ldap-189-4.src.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/nss_ldap-189-4.i386.rpm

6. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
2acbcd575035a1afcb9e74694a6b7b39 6.2/en/os/SRPMS/nss_ldap-189-3.6.src.rpm
1a670c4c2a343b26508aa04ae06d2306 6.2/en/os/alpha/nss_ldap-189-3.6.alpha.rpm
4069002846304df7840cbe81517f8b3d 6.2/en/os/i386/nss_ldap-189-3.6.i386.rpm
e26b1be702d0bf65f455e17d16844354 6.2/en/os/sparc/nss_ldap-189-3.6.sparc.rpm
9b44c5148cd1d3d688a9603f11a4d794 7.0/en/os/SRPMS/nss_ldap-189-3.7.src.rpm
2d245d41c6a27b62670a0e3cbc48e93b 7.0/en/os/alpha/nss_ldap-189-3.7.alpha.rpm
5c34d52cfa0425e8b3d0e63838729703 7.0/en/os/i386/nss_ldap-189-3.7.i386.rpm
9b44c5148cd1d3d688a9603f11a4d794 7.1/en/os/SRPMS/nss_ldap-189-3.7.src.rpm
2d245d41c6a27b62670a0e3cbc48e93b 7.1/en/os/alpha/nss_ldap-189-3.7.alpha.rpm
5c34d52cfa0425e8b3d0e63838729703 7.1/en/os/i386/nss_ldap-189-3.7.i386.rpm
27c07eb113adebc7d79d48d8c9df9356 7.1/en/os/ia64/nss_ldap-189-3.7.ia64.rpm
d421772f8f5bd985dc2c288aee729ff6 7.2/en/os/SRPMS/nss_ldap-189-4.src.rpm
8dc0d40503cbc09a55a111fc53ec42ba 7.2/en/os/i386/nss_ldap-189-4.i386.rpm
acd545a47e2be38ed8c9b94ea9801e4c 7.2/en/os/ia64/nss_ldap-189-4.ia64.rpm
d421772f8f5bd985dc2c288aee729ff6 7.3/en/os/SRPMS/nss_ldap-189-4.src.rpm
8dc0d40503cbc09a55a111fc53ec42ba 7.3/en/os/i386/nss_ldap-189-4.i386.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is
available at:

http://www.redhat.com/about/contact/pgpkey.html

You can verify each package with the following command:

rpm --checksig <filename>

If you only wish to verify that each package has not been corrupted in
transit, examine only the md5sum with the following command:

rpm --checksig --nogpg <filename>

Note that the md5sum alone does not establish where a package came from:
a package replaced together with its checksum will still pass. Only the
GPG signature check shows that the package was built and signed by Red Hat.

7. References:

http://www.padl.com/Articles/PotentialBufferOverflowin.html
http://www.padl.com/OSS/pam_ldap.html
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html
http://www.kb.cert.org/vuls/id/738331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0374

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated tcpdump packages fix buffer overflow
Advisory ID:       RHSA-2002:094-16
Issue date:        2002-05-17
Updated on:        2002-10-04
Product:           Red Hat Linux
Keywords:          tcpdump arpwatch buffer overflow
Cross references:
Obsoletes:         RHSA-2001:089-10
CVE Names:         CAN-2002-0380
---------------------------------------------------------------------

1. Topic:

Updated tcpdump, libpcap, and arpwatch packages are available for Red Hat
Linux 6.2 and 7.x. These updates close a buffer overflow when handling
NFS packets.

[Update 3 October 2002]
Replacement packages have been added for Red Hat Linux 6.2 as the
previous packages could not be installed with the version of RPM that
shipped with Red Hat Linux 6.2. Replacement packages have also been
added for Red Hat Linux 7.0 as the previous packages were not built
correctly.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - alpha, i386, sparc
Red Hat Linux 7.0 - alpha, i386
Red Hat Linux 7.1 - alpha, i386, ia64
Red Hat Linux 7.2 - i386, ia64

3. Problem description:

tcpdump is a command-line tool for monitoring network traffic.

Versions of tcpdump up to and including 3.6.2 have a buffer overflow that
can be triggered, while tracing the network, by a malformed NFS packet.
Because the packet is parsed straight off the wire, any host whose
traffic reaches the monitored interface can supply it. We are not yet
aware if this issue is fully exploitable; however, users of tcpdump are
advised to upgrade to these errata packages which contain a patch for
this issue. libpcap and arpwatch are built from the same tcpdump source
package, which is why they are updated alongside it.

The Common Vulnerabilities and Exposures project (cve.mitre.org/) has
assigned the name CAN-2002-0380 to this issue.

This issue was found by David Woodhouse of Red Hat.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory only contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

55145 - tcpdump segfaults when displaying NFS traffic.
63113 - Start script refers to non-existent /etc/init.d directory

6. RPMs required:

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/tcpdump-3.6.2-11.6.2.2.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/tcpdump-3.6.2-11.6.2.2.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/libpcap-0.6.2-11.6.2.2.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/arpwatch-2.1a11-11.6.2.2.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/tcpdump-3.6.2-11.6.2.2.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/libpcap-0.6.2-11.6.2.2.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/arpwatch-2.1a11-11.6.2.2.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/tcpdump-3.6.2-11.6.2.2.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/libpcap-0.6.2-11.6.2.2.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/arpwatch-2.1a11-11.6.2.2.sparc.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/tcpdump-3.6.2-11.7.0.1.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/tcpdump-3.6.2-11.7.0.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/libpcap-0.6.2-11.7.0.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/arpwatch-2.1a11-11.7.0.1.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/tcpdump-3.6.2-11.7.0.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/libpcap-0.6.2-11.7.0.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/arpwatch-2.1a11-11.7.0.1.i386.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/tcpdump-3.6.2-11.7.1.0.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/tcpdump-3.6.2-11.7.1.0.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/libpcap-0.6.2-11.7.1.0.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/arpwatch-2.1a11-11.7.1.0.alpha.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/tcpdump-3.6.2-11.7.1.0.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/libpcap-0.6.2-11.7.1.0.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/arpwatch-2.1a11-11.7.1.0.i386.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/tcpdump-3.6.2-11.7.1.0.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/libpcap-0.6.2-11.7.1.0.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/arpwatch-2.1a11-11.7.1.0.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/tcpdump-3.6.2-11.7.2.0.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/tcpdump-3.6.2-11.7.2.0.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/libpcap-0.6.2-11.7.2.0.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/arpwatch-2.1a11-11.7.2.0.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/tcpdump-3.6.2-11.7.2.0.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/libpcap-0.6.2-11.7.2.0.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/arpwatch-2.1a11-11.7.2.0.ia64.rpm

7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
0d1978ac6fbf008d559ba4c6732f21e7 6.2/en/os/SRPMS/tcpdump-3.6.2-11.6.2.2.src.rpm
db348001b61114bdc5dbfb8aacec9c4b 6.2/en/os/alpha/arpwatch-2.1a11-11.6.2.2.alpha.rpm
6db33d48ac163d3bc0aeb5c1c215f549 6.2/en/os/alpha/libpcap-0.6.2-11.6.2.2.alpha.rpm
4b2a073b84675781df605ada020926d7 6.2/en/os/alpha/tcpdump-3.6.2-11.6.2.2.alpha.rpm
c82c835a28a5cd191cbc660cb63a0325 6.2/en/os/i386/arpwatch-2.1a11-11.6.2.2.i386.rpm
50819dab95623b007dcb1364be15697e 6.2/en/os/i386/libpcap-0.6.2-11.6.2.2.i386.rpm
47038e2ab0d9d978592605601b51d8d4 6.2/en/os/i386/tcpdump-3.6.2-11.6.2.2.i386.rpm
918d817dfecbfa52f485a634f6eff5d1 6.2/en/os/sparc/arpwatch-2.1a11-11.6.2.2.sparc.rpm
b7e2e105bc460df515a29b9a2540622a 6.2/en/os/sparc/libpcap-0.6.2-11.6.2.2.sparc.rpm
0dbbc51da0998ccebf2a7a790f5f77af 6.2/en/os/sparc/tcpdump-3.6.2-11.6.2.2.sparc.rpm
520dd6721b416315adfa815ccbf1c9e1 7.0/en/os/SRPMS/tcpdump-3.6.2-11.7.0.1.src.rpm
b1b439b8b84cbd8f1288c964547571e0 7.0/en/os/alpha/arpwatch-2.1a11-11.7.0.1.alpha.rpm
a45bd661561b2307c2853430f3183367 7.0/en/os/alpha/libpcap-0.6.2-11.7.0.1.alpha.rpm
9970d0be7edeb613cf7087d5acdf48d4 7.0/en/os/alpha/tcpdump-3.6.2-11.7.0.1.alpha.rpm
d677bbce990410dc9b203be3fc005c79 7.0/en/os/i386/arpwatch-2.1a11-11.7.0.1.i386.rpm
dbab830179454642ee4e6070379467ac 7.0/en/os/i386/libpcap-0.6.2-11.7.0.1.i386.rpm
7025f66b80b8c164a2db05c364c1c805 7.0/en/os/i386/tcpdump-3.6.2-11.7.0.1.i386.rpm
27bf8dea340db81f1e946356c6bef684 7.1/en/os/SRPMS/tcpdump-3.6.2-11.7.1.0.src.rpm
a677cec9114214c2ea5e5b17e709883d 7.1/en/os/alpha/arpwatch-2.1a11-11.7.1.0.alpha.rpm
f7b8cf962abe27d65d628dae5cb992bd 7.1/en/os/alpha/libpcap-0.6.2-11.7.1.0.alpha.rpm
755e2fa9fb0530735e03388f702cfd38 7.1/en/os/alpha/tcpdump-3.6.2-11.7.1.0.alpha.rpm
edc6718ed479661f40c929da92b4e24b 7.1/en/os/i386/arpwatch-2.1a11-11.7.1.0.i386.rpm
4e1a186b4287de4183a7fca4d868906e 7.1/en/os/i386/libpcap-0.6.2-11.7.1.0.i386.rpm
2eb63c329def52d1bcdd88f8b3d01841 7.1/en/os/i386/tcpdump-3.6.2-11.7.1.0.i386.rpm
17319e98b00c707f8c924766f0395aad 7.1/en/os/ia64/arpwatch-2.1a11-11.7.1.0.ia64.rpm
8a214b04f325451eecaf08574ebacc7a 7.1/en/os/ia64/libpcap-0.6.2-11.7.1.0.ia64.rpm
90db41ce76a94d2d10369437704bb934 7.1/en/os/ia64/tcpdump-3.6.2-11.7.1.0.ia64.rpm
1cfcf4efdad9c8d44f9c70a9da8da690 7.2/en/os/SRPMS/tcpdump-3.6.2-11.7.2.0.src.rpm
82f93afd069a3b85ddf5a44daeff589f 7.2/en/os/i386/arpwatch-2.1a11-11.7.2.0.i386.rpm
f26ebb5d1cbb91d4b5effd9174f1728d 7.2/en/os/i386/libpcap-0.6.2-11.7.2.0.i386.rpm
cc168b456fbde106ad1879fe7346c1ee 7.2/en/os/i386/tcpdump-3.6.2-11.7.2.0.i386.rpm
74863a3b3110d2dbb03a03c1ad213152 7.2/en/os/ia64/arpwatch-2.1a11-11.7.2.0.ia64.rpm
876adc0c4d794e75a48e5c6b87fbca45 7.2/en/os/ia64/libpcap-0.6.2-11.7.2.0.ia64.rpm
f7543f13b1734c779cafd600566569b2 7.2/en/os/ia64/tcpdump-3.6.2-11.7.2.0.ia64.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is
available at:

http://www.redhat.com/about/contact/pgpkey.html

You can verify each package with the following command:

rpm --checksig <filename>

If you only wish to verify that each package has not been corrupted in
transit, examine only the md5sum with the following command:

rpm --checksig --nogpg <filename>

Note that the md5sum alone does not establish where a package came from:
a package replaced together with its checksum will still pass. Only the
GPG signature check shows that the package was built and signed by Red Hat.

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0380

Copyright(c) 2000, 2001, 2002 Red Hat, Inc.
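All three advisories fix the problem by installing packages with rpm -Fvh or up2date, and each lists the exact version-release that carries the fix. What the advisories do not give you is a way to confirm, on a host or across a fleet, that the installed package is at or above that level. The script below is an added example, not a Red Hat tool. It implements RPM's version-segment comparison (the classic rpmvercmp algorithm; the later "~" and "^" rules are left out on purpose), carries the fixed version-release strings from the RPMs-required sections of RHSA-2002:197, RHSA-2002:175 and RHSA-2002:094, and evaluates a constructed rpm -q listing for a hypothetical Red Hat Linux 7.2 host. The installed versions in that listing are invented for the demonstration.

```python
"""Compare installed RPM versions with the fixes in RHSA-2002:197, RHSA-2002:175
and RHSA-2002:094.  Added example, not a Red Hat tool.  Real use:

    rpm -q --qf '%{NAME} %{EPOCH} %{VERSION} %{RELEASE}\\n' glibc glibc-common \\
        glibc-devel glibc-profile nscd nss_ldap tcpdump libpcap arpwatch \\
        | python check_rhsa.py 7.2

where the argument is the Red Hat Linux release from /etc/redhat-release."""
import sys

# (package, RHL release) -> (advisory, fixed "VERSION-RELEASE"), copied from the
# "RPMs required" sections of the three advisories above.
FIXED = {}
_GLIBC = {"6.2": "2.1.3-27", "7.0": "2.2.4-18.7.0.7", "7.1": "2.2.4-30",
          "7.2": "2.2.4-30", "7.3": "2.2.5-40"}
for _pkg in ("glibc", "glibc-common", "glibc-devel", "glibc-profile", "nscd"):
    for _rhl, _vr in _GLIBC.items():
        FIXED[(_pkg, _rhl)] = ("RHSA-2002:197", _vr)
for _rhl, _vr in {"6.2": "189-3.6", "7.0": "189-3.7", "7.1": "189-3.7",
                  "7.2": "189-4", "7.3": "189-4"}.items():
    FIXED[("nss_ldap", _rhl)] = ("RHSA-2002:175", _vr)
_PCAP_REL = {"6.2": "11.6.2.2", "7.0": "11.7.0.1", "7.1": "11.7.1.0", "7.2": "11.7.2.0"}
for _pkg, _ver in (("tcpdump", "3.6.2"), ("libpcap", "0.6.2"), ("arpwatch", "2.1a11")):
    for _rhl, _rel in _PCAP_REL.items():
        FIXED[(_pkg, _rhl)] = ("RHSA-2002:094", f"{_ver}-{_rel}")


def rpmvercmp(a: str, b: str) -> int:
    """Classic RPM segment comparison: 1 if a is newer, -1 if older, 0 if equal.

    Both strings are walked as alternating runs of digits and letters with
    separators skipped.  Numeric runs compare as integers (leading zeros
    dropped) and always beat alphabetic runs; when one side runs out of
    segments, the side with segments left over is newer."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        while i < len(a) and not a[i].isalnum():
            i += 1
        while j < len(b) and not b[j].isalnum():
            j += 1
        if i >= len(a) or j >= len(b):
            break
        isnum = a[i].isdigit()
        take = str.isdigit if isnum else str.isalpha
        si, sj = i, j
        while i < len(a) and take(a[i]):
            i += 1
        while j < len(b) and take(b[j]):
            j += 1
        seg_a, seg_b = a[si:i], b[sj:j]
        if not seg_b:                       # different kinds: numeric wins
            return 1 if isnum else -1
        if isnum:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1


def compare_evr(installed: tuple, fixed: tuple) -> int:
    """Compare (epoch, version, release) triples the way rpm orders packages."""
    (e1, v1, r1), (e2, v2, r2) = installed, fixed
    if e1 != e2:
        return 1 if e1 > e2 else -1
    rc = rpmvercmp(v1, v2)
    return rc if rc else rpmvercmp(r1, r2)


def _split_vr(vr: str) -> tuple[str, str]:
    version, _, release = vr.rpartition("-")
    return version, release


def check_rpm_query(rhl_release: str, rpm_output: str) -> list:
    """Return [(package, installed E:V-R, fixed V-R, advisory)] for installed
    packages still older than the erratum for this release.  Packages the
    advisories do not cover, and "is not installed" lines, are skipped."""
    findings = []
    for line in rpm_output.splitlines():
        fields = line.split()
        if len(fields) != 4:                # e.g. "package nscd is not installed"
            continue
        name, epoch, version, release = fields
        if (name, rhl_release) not in FIXED:
            continue
        advisory, fixed_vr = FIXED[(name, rhl_release)]
        e = 0 if epoch == "(none)" else int(epoch)   # rpm prints (none) for no epoch
        if compare_evr((e, version, release), (0, *_split_vr(fixed_vr))) < 0:
            findings.append((name, f"{e}:{version}-{release}", fixed_vr, advisory))
    return findings


# Constructed listing for a hypothetical RHL 7.2 host; the versions are invented.
SAMPLE_RHL_RELEASE = "7.2"
SAMPLE_RPM_OUTPUT = """\
glibc (none) 2.2.4 19.3
glibc-common (none) 2.2.4 19.3
nss_ldap (none) 189 4
tcpdump (none) 3.6.2 9
libpcap (none) 0.6.2 9
arpwatch (none) 2.1a11 9
package nscd is not installed
"""

if __name__ == "__main__":
    if len(sys.argv) == 2:                  # real listing on stdin
        rhl, data = sys.argv[1], sys.stdin.read()
    else:                                   # demo on the constructed listing
        rhl, data = SAMPLE_RHL_RELEASE, SAMPLE_RPM_OUTPUT
    for name, have, need, rhsa in check_rpm_query(rhl, data):
        print(f"{name:14s} installed {have:22s} needs {need:16s} ({rhsa})")
```

On the sample listing the script flags glibc, glibc-common, tcpdump, libpcap and arpwatch and leaves nss_ldap alone, since 189-4 is exactly the 7.2 erratum. A package at a higher release than the advisory lists (a later erratum) also passes, which is what you want; a package from a release the advisory does not cover (tcpdump on 7.3, for instance) is reported as nothing rather than as safe, so read an empty result together with the release list in each advisory.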
Red Hat Linux Advisories: glibc, nss_ldap, tcpdump