From: Immunix Security Team (security@wirex.com)
Date: Fri Jun 29 2001 - 16:35:05 CDT

    -----------------------------------------------------------------------
            Immunix OS Security Advisory

    Packages updated: xinetd
    Affected products: Immunix OS 7.0-beta and 7.0
    Bugs fixed: immunix/1657
    Date: Fri Jun 29 2001
    Advisory ID: IMNX-2001-70-029-01
    Obsoletes: IMNX-2001-70-024-01
    Author: Seth Arnold <sarnold@wirex.com>
    -----------------------------------------------------------------------

    Description:
      While researching the previous xinetd problem (announced by zen-parse
      and discussed in Immunix OS Advisory IMNX-2001-70-024-01), Sebastian
      Krahmer found some improper handling of strings when the length
      argument to its own internal string handling functions is less than or
      equal to zero. We think this could lead to arbitrary code execution by
      remote attackers.

      Because the string handling functions are called with arguments both
      on the stack and on the heap, StackGuard is only partially effective
      at stopping possible attacks. As a result, we advise all Immunix OS
      7.0 users upgrade immediately.
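      As an added illustration of the bug class named above (hypothetical code, not xinetd's own
      string routines and not the upstream fix): a bounded-print helper that takes a signed length,
      showing what a length of zero or less becomes once it is converted to size_t, and the check a
      hardened version performs before any conversion takes place. The function names are invented.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The bound that a signed length turns into when handed to a size_t
 * parameter such as vsnprintf's.  A negative value wraps to a huge
 * unsigned number, so a caller who "limits" a write to len <= 0 bytes
 * has in fact removed the limit entirely. */
size_t bound_after_conversion(int len)
{
    return (size_t)len;   /* -1 becomes SIZE_MAX, 0 stays 0 */
}

/* Unchecked shape: the length goes straight into the size_t parameter.
 * Never call this with a non-positive len; it is here only to show the
 * missing check, and the test below does not exercise that path. */
int strx_nprint_unchecked(char *buf, int len, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(buf, (size_t)len, fmt, ap);
    va_end(ap);
    return n;
}

/* Hardened shape: reject a NULL buffer and any length <= 0 before the
 * conversion, guarantee NUL termination, and report how many characters
 * were actually stored (not how many the caller asked for).  Returns -1
 * when the arguments are rejected or formatting fails. */
int strx_nprint_checked(char *buf, int len, const char *fmt, ...)
{
    if (buf == NULL || len <= 0)
        return -1;                        /* the check the advisory is about */
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(buf, (size_t)len, fmt, ap);
    va_end(ap);
    if (n < 0) {
        buf[0] = '\0';
        return -1;
    }
    buf[len - 1] = '\0';                  /* defensive; vsnprintf already terminates */
    return n < len ? n : len - 1;         /* characters stored, excluding the NUL */
}
```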

      This advisory is released only for Immunix OS 7.0 because 6.2 used
      inetd. This advisory supersedes IMNX-2001-70-024-01.

      Thanks to Sebastian Krahmer for finding the problem and Rob Braun for
      fixing the problem upstream.

      References: http://www.securityfocus.com/archive/1/194213
      http://www.securityfocus.com/advisories/3357

    Package names and locations:
      Precompiled binary packages for Immunix 7.0-beta and 7.0 are available at:
      http://download.immunix.org/ImmunixOS/7.0/updates/RPMS/xinetd-2.3.0-1_imnx.i386.rpm

      Source package for Immunix 7.0-beta and 7.0 is available at:
      http://download.immunix.org/ImmunixOS/7.0/updates/SRPMS/xinetd-2.3.0-1_imnx.src.rpm

    Immunix OS 7.0 md5sums:
      8d7e57365bb522c484e4e7435ca9eec5 RPMS/xinetd-2.3.0-1_imnx.i386.rpm
      294cfb7c6bd84e6ed27e723872179c1e SRPMS/xinetd-2.3.0-1_imnx.src.rpm

    GPG verification:
      Our public key is available at <http://wirex.com/security/GPG_KEY>.
      *** NOTE *** This key is different from the one used in advisories
      IMNX-2001-70-020-01 and earlier.

    Online version of all Immunix 6.2 updates and advisories:
      http://immunix.org/ImmunixOS/6.2/updates/

    Online version of all Immunix 7.0-beta updates and advisories:
      http://immunix.org/ImmunixOS/7.0-beta/updates/

    Online version of all Immunix 7.0 updates and advisories:
      http://immunix.org/ImmunixOS/7.0/updates/

    NOTE:
      Ibiblio is graciously mirroring our updates, so if the links above are
      slow, please try:
        ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
      or one of the many mirrors available at:
        http://www.ibiblio.org/pub/Linux/MIRRORS.html

    Contact information:
      To report vulnerabilities, please contact security@wirex.com. WireX
      attempts to conform to the RFP vulnerability disclosure protocol
      <http://www.wiretrip.net/rfp/policy.html>.
