OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: securitycaldera.com
Date: Wed Jun 05 2002 - 14:30:17 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    To: bugtraqsecurityfocus.com announcelists.caldera.com security-alertslinuxsecurity.com

    ______________________________________________________________________________

                    Caldera International, Inc. Security Advisory

    Subject: Linux: tcpdump AFS RPC and NFS packet vulnerabilities
    Advisory number: CSSA-2002-025.0
    Issue date: 2002 June 04
    Cross reference:
    ______________________________________________________________________________

    1. Problem Description

            The tcpdump program is vulnerable to several buffer overflows, the
            most serious of which are problems with the decoding of AFS RPC
            packets and the handling of malformed NFS packets. These may allow
            a remote attacker to cause arbitrary instructions to be executed
            with the privileges of the tcpdump process (usually root).

    2. Vulnerable Supported Versions

            System Package
            ----------------------------------------------------------------------

            OpenLinux 3.1.1 Server prior to tcpdump-3.6.2-2.i386.rpm

            OpenLinux 3.1.1 Workstation prior to tcpdump-3.6.2-2.i386.rpm

            OpenLinux 3.1 Server prior to tcpdump-3.6.2-2.i386.rpm

            OpenLinux 3.1 Workstation prior to tcpdump-3.6.2-2.i386.rpm

    3. Solution

            The proper solution is to install the latest packages.

    4. OpenLinux 3.1.1 Server

            4.1 Package Location

            ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS

            4.2 Packages

            86ebdc7304a9474350d6347de67cd801 tcpdump-3.6.2-2.i386.rpm

            4.3 Installation

            rpm -Fvh tcpdump-3.6.2-2.i386.rpm

            4.4 Source Package Location

            ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS

            4.5 Source Packages

            04af4439b8f027dde02b8da4799553ea tcpdump-3.6.2-2.src.rpm

    5. OpenLinux 3.1.1 Workstation

            5.1 Package Location

            ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS

            5.2 Packages

            da485437a978837b8371ee381c548613 tcpdump-3.6.2-2.i386.rpm

            5.3 Installation

            rpm -Fvh tcpdump-3.6.2-2.i386.rpm

            5.4 Source Package Location

            ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS

            5.5 Source Packages

            e039c224157657ee9071e3546e6e23ca tcpdump-3.6.2-2.src.rpm

    6. OpenLinux 3.1 Server

            6.1 Package Location

            ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS

            6.2 Packages

            2909f321142349e7028c932e90c9890f tcpdump-3.6.2-2.i386.rpm

            6.3 Installation

            rpm -Fvh tcpdump-3.6.2-2.i386.rpm

            6.4 Source Package Location

            ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS

            6.5 Source Packages

            53a7e1f96bced55a4c4b9a36984be8bd tcpdump-3.6.2-2.src.rpm

    7. OpenLinux 3.1 Workstation

            7.1 Package Location

            ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS

            7.2 Packages

            b41c99ae95269862ee89508c00b84272 tcpdump-3.6.2-2.i386.rpm

            7.3 Installation

            rpm -Fvh tcpdump-3.6.2-2.i386.rpm

            7.4 Source Package Location

            ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS

            7.5 Source Packages

            11ce6a0534493de576802e68c1841f76 tcpdump-3.6.2-2.src.rpm

    8. References

            Specific references for this advisory:
                    http://www.tcpdump.org/
                    http://www.ciac.org/ciac/bulletins/l-015.shtml
                    ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:48.tcpdump.asc

            Caldera security resources:
                    http://www.caldera.com/support/security/index.html

            This security fix closes Caldera incidents sr863999, fz520911,
            erg712040.

    9. Disclaimer

            Caldera International, Inc. is not responsible for the misuse
            of any of the information we provide on this website and/or
            through our security advisories. Our advisories are a service
            to our customers intended to promote secure installation and
            use of Caldera products.

    10. Acknowledgements

            Nick Cleaton reported the AFS RPC vulnerability. David Woodhouse
            of Red Hat reported the NFS packet vulnerability. The rest of
            the vulnerabilities were discoverd by an internal security
            audit by the FreeBSD team.
    ______________________________________________________________________________

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (SCO_SV)
    Comment: For info see http://www.gnupg.org

    iEYEARECAAYFAjz+ZskACgkQbluZssSXDTHSAgCfbDNMqOetMrgaD0tymVqBdwYX
    gJgAoNlEX/rwk23ZKX5hjjm1RmZPbdjJ
    =W3K6
    -----END PGP SIGNATURE-----