SecurityTracker.com
Category:   Application (Generic)  >   libc
Vendors:   Caldera/SCO
(Caldera Issues Fix for OpenLinux) Libc Buffer Overflow in gethostnamadr() and getnetnamadr() Functions May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1004958
SecurityTracker URL:  http://securitytracker.com/id/1004958
CVE Reference:   CVE-2002-0684
Updated:  Nov 16 2003
Original Entry Date:  Aug 6 2002
Impact:   Execution of arbitrary code via network, Root access via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   A buffer overflow vulnerability was reported in 'libc'. A remote user with control over a DNS server could cause arbitrary code to be executed on the system when the system resolves an address.

Pine Internet released a security advisory for 'libc' warning of a buffer overflow in the resolver code of libc.

A remote user with control over a DNS server can send a specially crafted reply to the target host when the target host makes a certain DNS query.

The flaw appears to reside in the gethostnamadr() and getnetnamadr() functions.

Impact:   A remote user could cause arbitrary code to be run on the system in certain situations. The privileges that the code would run with depend on the privileges of the calling routine that uses the affected libc components.
Solution:   Caldera has released a fix for the DNS resolver libraries in OpenLinux.

OpenLinux 3.1.1 Server:

Package Location

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-034.0/RPMS

Packages

c4175dab7596a7e20540b548a9245351 bind-8.3.3-1.i386.rpm
0492168645952a0c3331a8550a955b98 bind-doc-8.3.3-1.i386.rpm
bb21f7d71544b7d30a45ad052a16f61b bind-utils-8.3.3-1.i386.rpm
3981b760212d84b07f3ada0b6f640ae7 glibc-2.2.4-23.i386.rpm
34b1f56b27e5e561d378382a3b540092 glibc-devel-2.2.4-23.i386.rpm
31a1148ed101aa8dcf345e7f68806db2 glibc-devel-static-2.2.4-23.i386.rpm
999e375c52f236b7ce9a79311228568a glibc-localedata-2.2.4-23.i386.rpm
828c32ab1d920faa3cbca27b47a9ce04 nscd-2.2.4-23.i386.rpm

Installation

rpm -Fvh bind-8.3.3-1.i386.rpm
rpm -Fvh bind-doc-8.3.3-1.i386.rpm
rpm -Fvh bind-utils-8.3.3-1.i386.rpm
rpm -Fvh glibc-2.2.4-23.i386.rpm
rpm -Fvh glibc-devel-2.2.4-23.i386.rpm
rpm -Fvh glibc-devel-static-2.2.4-23.i386.rpm
rpm -Fvh glibc-localedata-2.2.4-23.i386.rpm
rpm -Fvh nscd-2.2.4-23.i386.rpm

Source Package Location

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-034.0/SRPMS

Source Packages

2c0e5c37e7ce156e2248e9fffaa8406c bind-8.3.3-1.src.rpm
d7c443043599d74ab3ea924d0059780f glibc-2.2.4-23.src.rpm


OpenLinux 3.1.1 Workstation:

Package Location

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-034.0/RPMS

Packages

63aa5ba585097c12a57a095aee7c1581 bind-8.3.3-1.i386.rpm
85f08cbe9ac9b76bca6ca701e57c0a88 bind-doc-8.3.3-1.i386.rpm
c09ace86a9e096024cb97aad1e253531 bind-utils-8.3.3-1.i386.rpm
cf8a07b46703849238b53e3af6b5b310 glibc-2.2.4-23.i386.rpm
0b4bf6623ff5fb5c6ff4bcecb11ede9d glibc-devel-2.2.4-23.i386.rpm
d575040e3b46515862cab4650925cebf glibc-devel-static-2.2.4-23.i386.rpm
59b8dda119b518e084575228fd24e919 glibc-localedata-2.2.4-23.i386.rpm
599720843db585f011d586fa5029e7c7 nscd-2.2.4-23.i386.rpm

Installation

rpm -Fvh bind-8.3.3-1.i386.rpm
rpm -Fvh bind-doc-8.3.3-1.i386.rpm
rpm -Fvh bind-utils-8.3.3-1.i386.rpm
rpm -Fvh glibc-2.2.4-23.i386.rpm
rpm -Fvh glibc-devel-2.2.4-23.i386.rpm
rpm -Fvh glibc-devel-static-2.2.4-23.i386.rpm
rpm -Fvh glibc-localedata-2.2.4-23.i386.rpm
rpm -Fvh nscd-2.2.4-23.i386.rpm

Source Package Location

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-034.0/SRPMS

Source Packages

c7987406a635360bb39246e9bc850700 bind-8.3.3-1.src.rpm
c63a0354b4bc9e5c35936f985d8a3371 glibc-2.2.4-23.src.rpm


OpenLinux 3.1 Server:

Package Location

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-034.0/RPMS

Packages

97310a145a1fac4fffc960feab323cc4 bind-8.3.3-1.i386.rpm
8a0d3c316ec29647540aa2a0b6792dfc bind-doc-8.3.3-1.i386.rpm
962f50faaa4b324c95c82be85bdf711c bind-utils-8.3.3-1.i386.rpm
ae5ac1338fd90a7e65ccd0fa707d55e3 glibc-2.2.4-23.i386.rpm
2272829001ba8dba6fe5b0d27b323c2e glibc-devel-2.2.4-23.i386.rpm
ea1a88d622b7bad0daa6f5840cf1a650 glibc-devel-static-2.2.4-23.i386.rpm
3a60a419bc4cb8794057c2ae832c1132 glibc-localedata-2.2.4-23.i386.rpm
497f26a658aa9a23f26bdcacfbf6c311 nscd-2.2.4-23.i386.rpm

Installation

rpm -Fvh bind-8.3.3-1.i386.rpm
rpm -Fvh bind-doc-8.3.3-1.i386.rpm
rpm -Fvh bind-utils-8.3.3-1.i386.rpm
rpm -Fvh glibc-2.2.4-23.i386.rpm
rpm -Fvh glibc-devel-2.2.4-23.i386.rpm
rpm -Fvh glibc-devel-static-2.2.4-23.i386.rpm
rpm -Fvh glibc-localedata-2.2.4-23.i386.rpm
rpm -Fvh nscd-2.2.4-23.i386.rpm

Source Package Location

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-034.0/SRPMS

Source Packages

1d49abc211068aedd550d8b82837c6c4 bind-8.3.3-1.src.rpm
5b62e0ab7c60bb875147c521346fac38 glibc-2.2.4-23.src.rpm


OpenLinux 3.1 Workstation:

Package Location

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-034.0/RPMS

Packages

06f426cfbffc0282216aedab4c235abb bind-8.3.3-1.i386.rpm
a069730960a6b3bb19aacfaa020f1625 bind-doc-8.3.3-1.i386.rpm
9a6a47c0040f3fdf89885d4f7b95fd32 bind-utils-8.3.3-1.i386.rpm
a75a8f74a263b5290f697609439084cf glibc-2.2.4-23.i386.rpm
d2d21d81306a12da7cbea0d63fb3768f glibc-devel-2.2.4-23.i386.rpm
ea496ffd59c1db465b49231988e74156 glibc-devel-static-2.2.4-23.i386.rpm
e6b63ab2513a276594769323c3083ca7 glibc-localedata-2.2.4-23.i386.rpm
d09a9fb83215cd78d055fa09eaac508d nscd-2.2.4-23.i386.rpm

Installation

rpm -Fvh bind-8.3.3-1.i386.rpm
rpm -Fvh bind-doc-8.3.3-1.i386.rpm
rpm -Fvh bind-utils-8.3.3-1.i386.rpm
rpm -Fvh glibc-2.2.4-23.i386.rpm
rpm -Fvh glibc-devel-2.2.4-23.i386.rpm
rpm -Fvh glibc-devel-static-2.2.4-23.i386.rpm
rpm -Fvh glibc-localedata-2.2.4-23.i386.rpm
rpm -Fvh nscd-2.2.4-23.i386.rpm

Source Package Location

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-034.0/SRPMS

Source Packages

96f2c68732c563df08a69f14fbb9ecdb bind-8.3.3-1.src.rpm
3f38eb5c48d593509cc9156f61651fba glibc-2.2.4-23.src.rpm
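
The package lists above pair each file with an MD5 value, so a download can be checked before `rpm -Fvh` is run on it. The script below is an added example, not part of the Caldera advisory or of SecurityTracker's entry; the function names `verify_manifest` and `demo` and the stand-in files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: check downloaded packages against an advisory-style
# "<md5> <file name>" manifest before running `rpm -Fvh` on them.

# verify_manifest MANIFEST DIR
# Prints one status line per entry; returns 0 only if every entry is
# well formed, present in DIR, and matches its listed MD5 value.
verify_manifest() {
    manifest=$1; dir=$2; rc=0
    while read -r want name || [ -n "$want" ]; do
        [ -n "$want" ] || continue                      # blank line
        case $want in *[!0-9a-f]*) want=bad ;; esac     # not lowercase hex
        if [ "${#want}" -ne 32 ] || [ -z "$name" ]; then
            echo "BADLINE  $name"; rc=1; continue
        fi
        case $name in */*) echo "BADNAME  $name"; rc=1; continue ;; esac
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING  $name"; rc=1; continue
        fi
        got=$(md5sum < "$dir/$name" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name"; rc=1
        fi
    done < "$manifest"
    return $rc
}

# demo: constructed stand-in files (not the real RPMs) in a temp directory.
demo() {
    d=$(mktemp -d) || return 1
    printf 'constructed package A\n' > "$d/pkg-a.rpm"
    printf 'constructed package B\n' > "$d/pkg-b.rpm"
    for f in pkg-a.rpm pkg-b.rpm; do
        printf '%s\t%s\n' "$(md5sum < "$d/$f" | cut -d' ' -f1)" "$f"
    done > "$d/manifest.txt"
    first=0; verify_manifest "$d/manifest.txt" "$d" || first=$?
    printf 'tampered\n' >> "$d/pkg-b.rpm"               # simulate a bad download
    second=0; verify_manifest "$d/manifest.txt" "$d" || second=$?
    rm -rf "$d"
    [ "$first" -eq 0 ] && [ "$second" -ne 0 ]
}

demo
```

To use it on real downloads, save the Packages list for the matching OpenLinux release to a file and pass that file and the download directory to `verify_manifest`; install only when it returns 0.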

Vendor URL:  www.caldera.com/support/security/index.html
Cause:   Boundary error
Underlying OS:  Linux (Caldera/SCO)
Underlying OS Comments:  OpenLinux 3.1, 3.1.1 (Server and Workstation)

Message History:   This archive entry is a follow-up to the message listed below.
Jun 26 2002 Libc Buffer Overflow in gethostnamadr() and getnetnamadr() Functions May Let Remote Users Execute Arbitrary Code



 Source Message Contents

Subject:  Security Update: [CSSA-2002-034.0] Linux: buffer overflow in multiple DNS resolver libraries


To: bugtraq@securityfocus.com announce@lists.caldera.com security-alerts@linuxsecurity.com full-disclosure@lists.netsys.com

______________________________________________________________________________

		Caldera International, Inc.  Security Advisory

Subject:		Linux: buffer overflow in multiple DNS resolver libraries
Advisory number: 	CSSA-2002-034.0
Issue date: 		2002 August 05
Cross reference:
______________________________________________________________________________


1. Problem Description

	From CERT CA-2002-19: A buffer overflow vulnerability exists in
	multiple implementations of DNS resolver libraries. Operating
	systems and applications that utilize vulnerable DNS resolver
	libraries may be affected. A remote attacker who is able to
	send malicious DNS responses could potentially exploit this
	vulnerability to execute arbitrary code or cause a denial of
	service on a vulnerable system.


2. Vulnerable Supported Versions

	System				Package
	----------------------------------------------------------------------

	OpenLinux 3.1.1 Server		prior to bind-8.3.3-1.i386.rpm
					prior to bind-doc-8.3.3-1.i386.rpm
					prior to bind-utils-8.3.3-1.i386.rpm
					prior to glibc-2.2.4-23.i386.rpm
					prior to glibc-devel-2.2.4-23.i386.rpm
					prior to glibc-devel-static-2.2.4-23.i386.rpm
					prior to glibc-localedata-2.2.4-23.i386.rpm
					prior to nscd-2.2.4-23.i386.rpm

	OpenLinux 3.1.1 Workstation	prior to bind-8.3.3-1.i386.rpm
					prior to bind-doc-8.3.3-1.i386.rpm
					prior to bind-utils-8.3.3-1.i386.rpm
					prior to glibc-2.2.4-23.i386.rpm
					prior to glibc-devel-2.2.4-23.i386.rpm
					prior to glibc-devel-static-2.2.4-23.i386.rpm
					prior to glibc-localedata-2.2.4-23.i386.rpm
					prior to nscd-2.2.4-23.i386.rpm

	OpenLinux 3.1 Server		prior to bind-8.3.3-1.i386.rpm
					prior to bind-doc-8.3.3-1.i386.rpm
					prior to bind-utils-8.3.3-1.i386.rpm
					prior to glibc-2.2.4-23.i386.rpm
					prior to glibc-devel-2.2.4-23.i386.rpm
					prior to glibc-devel-static-2.2.4-23.i386.rpm
					prior to glibc-localedata-2.2.4-23.i386.rpm
					prior to nscd-2.2.4-23.i386.rpm

	OpenLinux 3.1 Workstation	prior to bind-8.3.3-1.i386.rpm
					prior to bind-doc-8.3.3-1.i386.rpm
					prior to bind-utils-8.3.3-1.i386.rpm
					prior to glibc-2.2.4-23.i386.rpm
					prior to glibc-devel-2.2.4-23.i386.rpm
					prior to glibc-devel-static-2.2.4-23.i386.rpm
					prior to glibc-localedata-2.2.4-23.i386.rpm
					prior to nscd-2.2.4-23.i386.rpm


3. Solution

	The proper solution is to install the latest packages. Many
	customers find it easier to use the Caldera System Updater, called
	cupdate (or kcupdate under the KDE environment), to update these
	packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

	4.1 Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-034.0/RPMS

	4.2 Packages

	c4175dab7596a7e20540b548a9245351	bind-8.3.3-1.i386.rpm
	0492168645952a0c3331a8550a955b98	bind-doc-8.3.3-1.i386.rpm
	bb21f7d71544b7d30a45ad052a16f61b	bind-utils-8.3.3-1.i386.rpm
	3981b760212d84b07f3ada0b6f640ae7	glibc-2.2.4-23.i386.rpm
	34b1f56b27e5e561d378382a3b540092	glibc-devel-2.2.4-23.i386.rpm
	31a1148ed101aa8dcf345e7f68806db2	glibc-devel-static-2.2.4-23.i386.rpm
	999e375c52f236b7ce9a79311228568a	glibc-localedata-2.2.4-23.i386.rpm
	828c32ab1d920faa3cbca27b47a9ce04	nscd-2.2.4-23.i386.rpm

	4.3 Installation

	rpm -Fvh bind-8.3.3-1.i386.rpm
	rpm -Fvh bind-doc-8.3.3-1.i386.rpm
	rpm -Fvh bind-utils-8.3.3-1.i386.rpm
	rpm -Fvh glibc-2.2.4-23.i386.rpm
	rpm -Fvh glibc-devel-2.2.4-23.i386.rpm
	rpm -Fvh glibc-devel-static-2.2.4-23.i386.rpm
	rpm -Fvh glibc-localedata-2.2.4-23.i386.rpm
	rpm -Fvh nscd-2.2.4-23.i386.rpm

	4.4 Source Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-034.0/SRPMS

	4.5 Source Packages

	2c0e5c37e7ce156e2248e9fffaa8406c	bind-8.3.3-1.src.rpm
	d7c443043599d74ab3ea924d0059780f	glibc-2.2.4-23.src.rpm


5. OpenLinux 3.1.1 Workstation

	5.1 Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-034.0/RPMS

	5.2 Packages

	63aa5ba585097c12a57a095aee7c1581	bind-8.3.3-1.i386.rpm
	85f08cbe9ac9b76bca6ca701e57c0a88	bind-doc-8.3.3-1.i386.rpm
	c09ace86a9e096024cb97aad1e253531	bind-utils-8.3.3-1.i386.rpm
	cf8a07b46703849238b53e3af6b5b310	glibc-2.2.4-23.i386.rpm
	0b4bf6623ff5fb5c6ff4bcecb11ede9d	glibc-devel-2.2.4-23.i386.rpm
	d575040e3b46515862cab4650925cebf	glibc-devel-static-2.2.4-23.i386.rpm
	59b8dda119b518e084575228fd24e919	glibc-localedata-2.2.4-23.i386.rpm
	599720843db585f011d586fa5029e7c7	nscd-2.2.4-23.i386.rpm

	5.3 Installation

	rpm -Fvh bind-8.3.3-1.i386.rpm
	rpm -Fvh bind-doc-8.3.3-1.i386.rpm
	rpm -Fvh bind-utils-8.3.3-1.i386.rpm
	rpm -Fvh glibc-2.2.4-23.i386.rpm
	rpm -Fvh glibc-devel-2.2.4-23.i386.rpm
	rpm -Fvh glibc-devel-static-2.2.4-23.i386.rpm
	rpm -Fvh glibc-localedata-2.2.4-23.i386.rpm
	rpm -Fvh nscd-2.2.4-23.i386.rpm

	5.4 Source Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-034.0/SRPMS

	5.5 Source Packages

	c7987406a635360bb39246e9bc850700	bind-8.3.3-1.src.rpm
	c63a0354b4bc9e5c35936f985d8a3371	glibc-2.2.4-23.src.rpm


6. OpenLinux 3.1 Server

	6.1 Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-034.0/RPMS

	6.2 Packages

	97310a145a1fac4fffc960feab323cc4	bind-8.3.3-1.i386.rpm
	8a0d3c316ec29647540aa2a0b6792dfc	bind-doc-8.3.3-1.i386.rpm
	962f50faaa4b324c95c82be85bdf711c	bind-utils-8.3.3-1.i386.rpm
	ae5ac1338fd90a7e65ccd0fa707d55e3	glibc-2.2.4-23.i386.rpm
	2272829001ba8dba6fe5b0d27b323c2e	glibc-devel-2.2.4-23.i386.rpm
	ea1a88d622b7bad0daa6f5840cf1a650	glibc-devel-static-2.2.4-23.i386.rpm
	3a60a419bc4cb8794057c2ae832c1132	glibc-localedata-2.2.4-23.i386.rpm
	497f26a658aa9a23f26bdcacfbf6c311	nscd-2.2.4-23.i386.rpm

	6.3 Installation

	rpm -Fvh bind-8.3.3-1.i386.rpm
	rpm -Fvh bind-doc-8.3.3-1.i386.rpm
	rpm -Fvh bind-utils-8.3.3-1.i386.rpm
	rpm -Fvh glibc-2.2.4-23.i386.rpm
	rpm -Fvh glibc-devel-2.2.4-23.i386.rpm
	rpm -Fvh glibc-devel-static-2.2.4-23.i386.rpm
	rpm -Fvh glibc-localedata-2.2.4-23.i386.rpm
	rpm -Fvh nscd-2.2.4-23.i386.rpm

	6.4 Source Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-034.0/SRPMS

	6.5 Source Packages

	1d49abc211068aedd550d8b82837c6c4	bind-8.3.3-1.src.rpm
	5b62e0ab7c60bb875147c521346fac38	glibc-2.2.4-23.src.rpm


7. OpenLinux 3.1 Workstation

	7.1 Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-034.0/RPMS

	7.2 Packages

	06f426cfbffc0282216aedab4c235abb	bind-8.3.3-1.i386.rpm
	a069730960a6b3bb19aacfaa020f1625	bind-doc-8.3.3-1.i386.rpm
	9a6a47c0040f3fdf89885d4f7b95fd32	bind-utils-8.3.3-1.i386.rpm
	a75a8f74a263b5290f697609439084cf	glibc-2.2.4-23.i386.rpm
	d2d21d81306a12da7cbea0d63fb3768f	glibc-devel-2.2.4-23.i386.rpm
	ea496ffd59c1db465b49231988e74156	glibc-devel-static-2.2.4-23.i386.rpm
	e6b63ab2513a276594769323c3083ca7	glibc-localedata-2.2.4-23.i386.rpm
	d09a9fb83215cd78d055fa09eaac508d	nscd-2.2.4-23.i386.rpm

	7.3 Installation

	rpm -Fvh bind-8.3.3-1.i386.rpm
	rpm -Fvh bind-doc-8.3.3-1.i386.rpm
	rpm -Fvh bind-utils-8.3.3-1.i386.rpm
	rpm -Fvh glibc-2.2.4-23.i386.rpm
	rpm -Fvh glibc-devel-2.2.4-23.i386.rpm
	rpm -Fvh glibc-devel-static-2.2.4-23.i386.rpm
	rpm -Fvh glibc-localedata-2.2.4-23.i386.rpm
	rpm -Fvh nscd-2.2.4-23.i386.rpm

	7.4 Source Package Location

	ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-034.0/SRPMS

	7.5 Source Packages

	96f2c68732c563df08a69f14fbb9ecdb	bind-8.3.3-1.src.rpm
	3f38eb5c48d593509cc9156f61651fba	glibc-2.2.4-23.src.rpm


8. References

	Specific references for this advisory:

		http://www.cert.org/advisories/CA-2002-19.html
		http://www.kb.cert.org/vuls/id/803539
		http://www.kb.cert.org/vuls/id/542971
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0651
		http://www.isc.org/products/BIND/bind-security.html

	Caldera security resources:

		http://www.caldera.com/support/security/index.html

	This security fix closes Caldera incidents sr866552, fz521492,
	erg501623.


9. Disclaimer

	Caldera International, Inc. is not responsible for the misuse
	of any of the information we provide on this website and/or
	through our security advisories. Our advisories are a service
	to our customers intended to promote secure installation and
	use of Caldera products.


10. Acknowledgements

	Caldera wishes to thank the CERT Coordination Center, Joost
	Pol of PINE-CERT, the FreeBSD Project, and the NetBSD Project
	for information used in this document.

______________________________________________________________________________

Copyright 2020, SecurityGlobal.net LLC