Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
|
|
|
|
|
|
|
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
|
|
|
|
|
|
|
Want to learn about SecurityTracker? We've got answers to frequently asked questions right here
|
|
|
|
|
|
|
|
|
|
|
(HP Issues Fix for HP Secure OS for Linux) 'zlib' Shared Compression Library Contains 'Double Free()' Buffer Overflow That Lets Remote Users Cause Programs Using zlib to Crash or Execute Arbitrary Code
|
Date: Apr 4 2002
|
Impact: Denial of service via network, Execution of arbitrary code via local system, Execution of arbitrary code via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 1.0
|
Description: A vulnerability was reported in the zlib shared library, a widely used library that provides in-memory compress and decompression
functions. A remote user could cause programs using this library to crash or to execute arbitrary code on the system.
It is reported that certain types of input will cause zlib to free the same area of memory twice (i.e., perform a "double free"),
resulting in a buffer overflow condition when expanding compressed input. A remote user can cause programs that process untrusted
user-supplied compressed input to crash or potentially execute arbitrary code on the system.
It is reported that web browsers
or email programs that display image attachments or other programs that uncompress data may be particularly affected.
It is reported
that Matthias Clasen <maclas@gmx.de> and Owen Taylor <otaylor@redhat.com> discovered this bug.
|
Impact: A remote user can cause affected programs that use zlib to process untrusted user-supplied compressed input to crash or potentially execute arbitrary code on the system.
|
Solution: The vendor has released a patch for HP Secure OS for Linux:
Patch ID, Architecture
HPTL_00013, i586
HPTL_00014, i686 (uniprocessor)
HPTL_00015, i686SMP (multiprocessor)
These patches are available
as follows: -
Use your browser to access the HP IT Resource Center page at:
http://itrc.hp.com
Use the 'Login'
tab at the left side of the screen to login
using your ID and password. Use your existing login or the
"Register" button
at the left to create a login. Remember to save the
User ID assigned to you, and your password. This login provides
access
to many useful areas of the ITRC.
Under the "Maintenance and Support" section, select "Individual Patches".
In the
field at the bottom of the page labeled "retrieve a specific patch
by entering the patch name", enter {{ Patch number (s) }}
For instructions on installing the patch, please see the install text file
included in the patch.
|
Vendor URL: www.hp.com/ (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Linux (HP Secure OS)
|
Reported By: support_feedback@us-support.external.hp.com (IT Resource Center )
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Thu, 4 Apr 2002 06:45:37 -0800 (PST)
From: support_feedback@us-support.external.hp.com (IT Resource Center )
Subject: HP Secure OS Software for Linux security bulletins digest
|
Document ID: HPSBTL0204-036
Date Loaded: 20020403
Title: Security vulnerabilities in the kernel
TEXT
---------------------------------------------------------------
HEWLETT-PACKARD COMPANY SECURITY BULLETIN: #036
Originally issued: 03 Apr '02
---------------------------------------------------------------
The information in the following Security Bulletin should be acted
upon as soon as possible. Hewlett-Packard Company will not be
liable for any consequences to any customer resulting from customer's
failure to fully implement instructions in this Security Bulletin as
soon as possible.
---------------------------------------------------------------
PROBLEM: Security vulnerabilities in the kernel.
PLATFORM: Any system running HP Secure OS software for Linux Release 1.0
DAMAGE: Potential vulnerability within kernel due to static linking
to zlib library that contains a flaw.
SOLUTION: Apply the appropriate patch.
MANUAL ACTIONS: None
AVAILABILITY: The patches are available now.
---------------------------------------------------------------
A. Background
HP Secure OS software for Linux Release 1.0 was based upon the
2.4.5 version of the Linux kernel. Since that kernel release and
subsequent releases a vulnerability has been discovered in the kernel.
These vulnerabilities are fixed in the Redhat Linux kernel version
2.4.9-31. The patches listed below apply a version of this kernel
that has been ported to HP Secure OS software for Linux.
Please see HPSBTL0204-030 for more details on the zlib vulnerability.
B. Fixing the problem
Apply one of the following patches (depending upon the processor
architecture on the installed system):
Patch ID Architecture
---------- ------------------------
HPTL_00013 i586
HPTL_00014 i686 (uniprocessor)
HPTL_00015 i686SMP (multiprocessor)
These patches are available as follows: -
Use your browser to access the HP IT Resource Center page
at:
http://itrc.hp.com
Use the 'Login' tab at the left side of the screen to login
using your ID and password. Use your existing login or the
"Register" button at the left to create a login. Remember to save the
User ID assigned to you, and your password. This login provides
access to many useful areas of the ITRC.
Under the "Maintenance and Support" section, select "Individual Patches".
In the field at the bottom of the page labeled "retrieve a specific patch
by entering the patch name", enter {{ Patch number (s) }}
For instructions on installing the patch, please see the install text file
included in the patch.
C. To subscribe to automatically receive future NEW HP Security
Bulletins from the HP IT Resource Center via electronic
mail, do the following:
Use your browser to access to the HP IT Resource Center page
at:
http://itrc.hp.com
Use the 'Login' tab at the left side of the screen to login
using your ID and password. Use your existing login or the
"Register" button at the left to create a login. Remember to
save the User ID assigned to you, and your password. This
login provides access to many useful areas of the ITRC.
In the left most frame select "Maintenance and Support".
Under the "Notifications" section (near the bottom of
the page), select "Support Information Digests".
To -subscribe- to future HP Security Bulletins or other
Technical Digests, click the check box (in the left column)
for the appropriate digest and then click the "Update
Subscriptions" button at the bottom of the page.
or
To -review- bulletins already released, select the link
(in the middle column) for the appropriate digest.
D. To report new security vulnerabilities, send email to
security-alert@hp.com
Please encrypt any exploit information using the
security-alert PGP key, available from your local key
server. You ma also get the security-alert PGP key by
sending a message with a -subject- (not body) of
'get key' (no quotes) to security-alert@hp.com.
Permission is granted for copying and circulating this
Bulletin to Hewlett-Packard (HP) customers (or the Internet
community) for the purpose of alerting them to problems,
if and only if, the Bulletin is not edited or changed in
any way, is attributed to HP, and provided such reproduction
and/or distribution is performed for non-commercial purposes.
Any other use of this information is prohibited. HP is not
liable for any misuse of this information by any third party.
---------------------------------------------------------------
-----End of Document ID: HPSBTL0204-036--------------------------------------
|
|
Go to the Top of This SecurityTracker Archive Page
|
