SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Linux)  >   HPE Secure OS Software for Linux Vendors:   HPE
(HP Issues Fix for HP Secure OS for Linux) 'zlib' Shared Compression Library Contains 'Double Free()' Buffer Overflow That Lets Remote Users Cause Programs Using zlib to Crash or Execute Arbitrary Code
SecurityTracker Alert ID:  1003976
SecurityTracker URL:  http://securitytracker.com/id/1003976
CVE Reference:   CVE-2002-0059   (Links to External Site)
Date:  Apr 4 2002
Impact:   Denial of service via network, Execution of arbitrary code via local system, Execution of arbitrary code via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.0
Description:   A vulnerability was reported in the zlib shared library, a widely used library that provides in-memory compress and decompression functions. A remote user could cause programs using this library to crash or to execute arbitrary code on the system.

It is reported that certain types of input will cause zlib to free the same area of memory twice (i.e., perform a "double free"), resulting in a buffer overflow condition when expanding compressed input. A remote user can cause programs that process untrusted user-supplied compressed input to crash or potentially execute arbitrary code on the system.

It is reported that web browsers or email programs that display image attachments or other programs that uncompress data may be particularly affected.

It is reported that Matthias Clasen <maclas@gmx.de> and Owen Taylor <otaylor@redhat.com> discovered this bug.

Impact:   A remote user can cause affected programs that use zlib to process untrusted user-supplied compressed input to crash or potentially execute arbitrary code on the system.
Solution:   The vendor has released a patch for HP Secure OS for Linux:

Patch ID, Architecture
HPTL_00013, i586
HPTL_00014, i686 (uniprocessor)
HPTL_00015, i686SMP (multiprocessor)

These patches are available as follows: -

Use your browser to access the HP IT Resource Center page at:

http://itrc.hp.com

Use the 'Login' tab at the left side of the screen to login
using your ID and password. Use your existing login or the
"Register" button at the left to create a login. Remember to save the
User ID assigned to you, and your password. This login provides
access to many useful areas of the ITRC.

Under the "Maintenance and Support" section, select "Individual Patches".

In the field at the bottom of the page labeled "retrieve a specific patch
by entering the patch name", enter {{ Patch number (s) }}

For instructions on installing the patch, please see the install text file
included in the patch.

Vendor URL:  www.hp.com/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (HP Secure OS)

Message History:   This archive entry is a follow-up to the message listed below.
Mar 11 2002 'zlib' Shared Compression Library Contains 'Double Free()' Buffer Overflow That Lets Remote Users Cause Programs Using zlib to Crash or Execute Arbitrary Code



 Source Message Contents

Subject:  HP Secure OS Software for Linux security bulletins digest



Document ID:  HPSBTL0204-036
Date Loaded:  20020403
      Title:  Security vulnerabilities in the kernel

TEXT

			

				

---------------------------------------------------------------
    HEWLETT-PACKARD COMPANY SECURITY BULLETIN: #036
    Originally issued: 03 Apr '02
---------------------------------------------------------------

The information in the following Security Bulletin should be acted
upon as soon as possible.  Hewlett-Packard Company will not be
liable for any consequences to any customer resulting from customer's
failure to fully implement instructions in this Security Bulletin as
soon as possible.

---------------------------------------------------------------
PROBLEM:  Security vulnerabilities in the kernel.

PLATFORM: Any system running HP Secure OS software for Linux Release 1.0

DAMAGE:   Potential vulnerability within kernel due to static linking 
          to zlib library that contains a flaw.

SOLUTION: Apply the appropriate patch.

MANUAL ACTIONS: None

AVAILABILITY: The patches are available now.
---------------------------------------------------------------
 A. Background
 
    HP Secure OS software for Linux Release 1.0 was based upon the 
    2.4.5 version of the Linux kernel. Since that kernel release and 
    subsequent releases a vulnerability has been discovered in the kernel.

    These vulnerabilities are fixed in the Redhat Linux kernel version
    2.4.9-31. The patches listed below apply a version of this kernel
    that has been ported to HP Secure OS software for Linux.

    Please see HPSBTL0204-030 for more details on the zlib vulnerability.

 B. Fixing the problem
 
    Apply one of the following patches (depending upon the processor
    architecture on the installed system):
 
	Patch ID      Architecture
	----------    ------------------------
	HPTL_00013    i586
	HPTL_00014    i686    (uniprocessor)
	HPTL_00015    i686SMP (multiprocessor)
 
    These patches are available as follows: -

    Use your browser to access the HP IT Resource Center page
    at:

       http://itrc.hp.com

    Use the 'Login' tab at the left side of the screen to login
    using your ID and password.  Use your existing login or the
    "Register" button at the left to create a login. Remember to save the
    User ID assigned to you, and your password. This login provides
    access to many useful areas of the ITRC.

    Under the "Maintenance and Support" section, select "Individual Patches".

    In the field at the bottom of the page labeled "retrieve a specific patch
    by entering the patch name", enter {{ Patch number (s) }}

    For instructions on installing the patch, please see the install text file
    included in the patch.


 C. To subscribe to automatically receive future NEW HP Security
    Bulletins from the HP IT Resource Center via electronic
    mail, do the following:

    Use your browser to access to the HP IT Resource Center page
    at:

       http://itrc.hp.com

    Use the 'Login' tab at the left side of the screen to login
    using your ID and password.  Use your existing login or the
    "Register" button at the left to create a login. Remember to 
    save the User ID assigned to you, and your password. This
    login provides access to many useful areas of the ITRC.  

    In the left most frame select "Maintenance and Support".

    Under the "Notifications" section (near the bottom of
    the page), select "Support Information Digests".

    To -subscribe- to future HP Security Bulletins or other
    Technical Digests, click the check box (in the left column)
    for the appropriate digest and then click the "Update
    Subscriptions" button at the bottom of the page.

    or

    To -review- bulletins already released, select the link
    (in the middle column) for the appropriate digest.

 D. To report new security vulnerabilities, send email to

    security-alert@hp.com

    Please encrypt any exploit information using the
    security-alert PGP key, available from your local key
    server. You ma also get the security-alert PGP key by 
    sending a message with a -subject- (not body) of 
    'get key' (no quotes) to security-alert@hp.com.

    Permission is granted for copying and circulating this
    Bulletin to Hewlett-Packard (HP) customers (or the Internet
    community) for the purpose of alerting them to problems,
    if and only if, the Bulletin is not edited or changed in
    any way, is attributed to HP, and provided such reproduction
    and/or distribution is performed for non-commercial purposes.

    Any other use of this information is prohibited. HP is not
    liable for any misuse of this information by any third party.
 ---------------------------------------------------------------
-----End of Document ID:  HPSBTL0204-036--------------------------------------

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC