Red Hat Local Security Checks : RedHat Security Advisory RHSA-2002:180

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51231

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2002:180

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2002:180.

Updated nss_ldap packages are now available for Red Hat Linux Advanced
Server 2.1. These updates fix a potential buffer overflow which can occur
when nss_ldap is set to configure itself using information stored in DNS
as well as a format string bug in logging functions used in pam_ldap.

[Updated 09 Jan 2003]
Added fixed packages for the Itanium (IA64) architecture.

[Updated 06 Feb 2003]
Added fixed packages for Advanced Workstation 2.1

nss_ldap is a set of C library extensions that allow X.500 and LDAP
directory servers to be used as a primary source of aliases, ethers,
groups, hosts, networks, protocols, users, RPCs, services, and shadow
passwords (instead of or in addition to using flat files or NIS).

When versions of nss_ldap prior to nss_ldap-198 are configured without a
value for the 'host' setting, nss_ldap will attempt to configure itself by
using SRV records stored in DNS. When parsing the results of the DNS
query, nss_ldap does not check that data returned by the server will fit
into an internal buffer, leaving it vulnerable to a buffer overflow
The Common Vulnerabilities and Exposures project has assigned the name
CVE-2002-0825 to this issue.

When versions of nss_ldap prior to nss_ldap-199 are configured without a
value for the 'host' setting, nss_ldap will attempt to configure itself by
using SRV records stored in DNS. When parsing the results of the DNS
query, nss_ldap does not check that the data returned has not been
truncated by the resolver libraries to avoid a buffer overflow, and may
attempt to parse more data than is actually available, leaving it
vulnerable to a read buffer overflow.

Versions of pam_ldap prior to version 144 include a format string bug in
the logging function. The packages included in this erratum update pam_ldap
to version 144, fixing this bug. The Common Vulnerabilities and Exposures
project has assigned the name CVE-2002-0374 to this issue.

All users of nss_ldap should update to these errata packages which are not
vulnerable to the above issues. These packages are based on nss_ldap-189
with the addition of a backported security patch and pam_ldap version 144.

Thanks to the nss_ldap and pam_ldap team at padl.com for providing
information about these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2002-180.html
http://www.padl.com/Articles/PotentialBufferOverflowin.html
http://www.padl.com/OSS/pam_ldap.html
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html
http://www.kb.cert.org/vuls/id/738331

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2002-0825
Common Vulnerability Exposure (CVE) ID: CVE-2002-0374
BugTraq ID: 4679
http://www.securityfocus.com/bid/4679
Bugtraq: 20020506 ldap vulnerabilities (Google Search)
Bugtraq: 20021030 GLSA: pam_ldap (Google Search)
http://marc.info/?l=bugtraq&m=103601912505261&w=2
Caldera Security Advisory: CSSA-2002-041.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-041.0.txt
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075
http://www.redhat.com/support/errata/RHSA-2002-084.html
http://www.redhat.com/support/errata/RHSA-2002-141.html
http://www.redhat.com/support/errata/RHSA-2002-175.html
http://www.redhat.com/support/errata/RHSA-2002-180.html
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html
http://www.iss.net/security_center/static/9018.php

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51231
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2002:180
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2002:180. Updated nss_ldap packages are now available for Red Hat Linux Advanced Server 2.1. These updates fix a potential buffer overflow which can occur when nss_ldap is set to configure itself using information stored in DNS as well as a format string bug in logging functions used in pam_ldap. [Updated 09 Jan 2003] Added fixed packages for the Itanium (IA64) architecture. [Updated 06 Feb 2003] Added fixed packages for Advanced Workstation 2.1 nss_ldap is a set of C library extensions that allow X.500 and LDAP directory servers to be used as a primary source of aliases, ethers, groups, hosts, networks, protocols, users, RPCs, services, and shadow passwords (instead of or in addition to using flat files or NIS). When versions of nss_ldap prior to nss_ldap-198 are configured without a value for the 'host' setting, nss_ldap will attempt to configure itself by using SRV records stored in DNS. When parsing the results of the DNS query, nss_ldap does not check that data returned by the server will fit into an internal buffer, leaving it vulnerable to a buffer overflow The Common Vulnerabilities and Exposures project has assigned the name CVE-2002-0825 to this issue. When versions of nss_ldap prior to nss_ldap-199 are configured without a value for the 'host' setting, nss_ldap will attempt to configure itself by using SRV records stored in DNS. When parsing the results of the DNS query, nss_ldap does not check that the data returned has not been truncated by the resolver libraries to avoid a buffer overflow, and may attempt to parse more data than is actually available, leaving it vulnerable to a read buffer overflow. Versions of pam_ldap prior to version 144 include a format string bug in the logging function. The packages included in this erratum update pam_ldap to version 144, fixing this bug. The Common Vulnerabilities and Exposures project has assigned the name CVE-2002-0374 to this issue. All users of nss_ldap should update to these errata packages which are not vulnerable to the above issues. These packages are based on nss_ldap-189 with the addition of a backported security patch and pam_ldap version 144. Thanks to the nss_ldap and pam_ldap team at padl.com for providing information about these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2002-180.html http://www.padl.com/Articles/PotentialBufferOverflowin.html http://www.padl.com/OSS/pam_ldap.html http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html http://www.kb.cert.org/vuls/id/738331 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-0825 Common Vulnerability Exposure (CVE) ID: CVE-2002-0374 BugTraq ID: 4679 http://www.securityfocus.com/bid/4679 Bugtraq: 20020506 ldap vulnerabilities (Google Search) Bugtraq: 20021030 GLSA: pam_ldap (Google Search) http://marc.info/?l=bugtraq&m=103601912505261&w=2 Caldera Security Advisory: CSSA-2002-041.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-041.0.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075 http://www.redhat.com/support/errata/RHSA-2002-084.html http://www.redhat.com/support/errata/RHSA-2002-141.html http://www.redhat.com/support/errata/RHSA-2002-175.html http://www.redhat.com/support/errata/RHSA-2002-180.html http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html http://www.iss.net/security_center/static/9018.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com