Sicherheit: Fehlerhafte Signalbehandlung in stunnel

Lesezeichen hinzufügen

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SCO Security Advisory

Subject: OpenLinux: Updated stunnel packages fix signal vulnerability
Advisory number: CSSA-2003-026.0
Issue date: 2003 October 03
Cross reference: sr883627 fz528223 erg712413 CAN-2002-1563
______________________________________________________________________________

1. Problem Description

stunnel is a wrapper for network connections. It can be used
to tunnel an unencrypted network connection over a secure
connection (encrypted using SSL or TLS) or to provide a secure
means of connecting to services that do not natively support
encryption.

When configured to listen for incoming connections (instead of
being invoked by xinetd), stunnel can be configured to either
start a thread or a child process to handle each new connection.
If Stunnel is configured to start a new child process to handle
each connection, it will receive a SIGCHLD signal when that child
exits.

Stunnel versions prior to 4.04 would perform tasks in the
SIGCHLD signal handler which, if interrupted by another SIGCHLD
signal, could be unsafe. This could lead to a denial of service.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2002-1563 to this issue.

2. Vulnerable Supported Versions

System Package
----------------------------------------------------------------------
OpenLinux 3.1.1 Server prior to stunnel-4.04-1.i386.rpm
OpenLinux 3.1.1 Workstation prior to stunnel-4.04-1.i386.rpm

3. Solution

The proper solution is to install the latest packages. Many
customers find it easier to use the Caldera System Updater, called
cupdate (or kcupdate under the KDE environment), to update these
packages rather than downloading and installing them by hand.

4. OpenLinux 3.1.1 Server

4.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-026.0/RPMS

4.2 Packages

00d7179b1b5ca718d3ec6b85f144e4f1 stunnel-4.04-1.i386.rpm

4.3 Installation

rpm -Fvh stunnel-4.04-1.i386.rpm

4.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-026.0/SRPMS

4.5 Source Packages

ca450eb7d9ca61c042f0b6d1448def8d stunnel-4.04-1.src.rpm

5. OpenLinux 3.1.1 Workstation

5.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-026.0/RPMS

5.2 Packages

e05b815b77113f4700875bb7a263a7ae stunnel-4.04-1.i386.rpm

5.3 Installation

rpm -Fvh stunnel-4.04-1.i386.rpm

5.4 Source Package Location

SRPMS

5.5 Source Packages

f13039bc38057f788d72ed9fa0448e0a stunnel-4.04-1.src.rpm

6. References

Specific references for this advisory:
http://marc.theaimsgroup.com/?l=stunnel-users&m=103600188215117
http://marc.theaimsgroup.com/?l=bugtraq&m=104247606910598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563

SCO security resources:
http://www.sco.com/support/security/index.html

This security fix closes SCO incidents sr883627 fz528223
erg712413.

7. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.

8. Acknowledgements

SCO would like to thank Henrik Eriksson from Axis Communications.
______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj999a8ACgkQbluZssSXDTFCZQCghaAuO/2UeV6CpVlvcsa8J/0H
SmkAoJmHopz4H4R8u6NewNY0+keWeI0E
=VZ9Z
-----END PGP SIGNATURE-----