drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in telnetd
Name: |
Pufferüberlauf in telnetd
|
|
ID: |
CSSA-2001-030.0 |
|
Distribution: |
Caldera |
|
Plattformen: |
Caldera eDesktop 2.4, Caldera eBuilder, Caldera eServer 2.3.1, Caldera 2.3, Caldera Server 3.1, Caldera Workstation 3.1 |
|
Datum: |
Di, 14. August 2001, 13:00 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
NetKit |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
______________________________________________________________________________ Caldera International, Inc. Security Advisory
Subject: Linux - Telnet AYT remote exploit Advisory number: CSSA-2001-030.0 Issue date: 2001, August 10 Cross reference: ______________________________________________________________________________
1. Problem Description
Recently, a security problem was discovered in various BSD derived implementations of the telnet daemon. Initially, it was thought that the Linux netkit-telnet was not vulnerable to this problem. It turne out that this was wrong.
On OpenLinux previous to version 3.1, this bug allows remote attackers to gain root privilege.
Starting with OpenLinux 3.1, the telnet daemon is split into two processes, a privileged one running the login session, and a restricted one handling the network protocol where the bug occurs. As a consequence, attempts to exploit this problem on OpenLinux 3.1 will give an attacker a process running as user "nobody", and confined to an empty chroot directory.
2. Vulnerable Versions
System Package ----------------------------------------------------------- OpenLinux 2.3 All packages previous to netkit-telnet-0.17-12a OpenLinux eServer 2.3.1 All packages previous to and OpenLinux eBuilder netkit-telnet-0.17-12a OpenLinux eDesktop 2.4 All packages previous to netkit-telnet-0.17-12a OpenLinux Server 3.1 All packages previous to netkit-telnet-0.17-12 OpenLinux Workstation 3.1 All packages previous to netkit-telnet-0.17-12
3. Solution
Workaround
none
The proper solution is to upgrade to the latest packages.
4. OpenLinux 2.3
4.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/RPMS
The corresponding source code package can be found at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/SRPMS
4.2 Verification
70f6d9fd0083167b23c0f22043b5f72c RPMS/netkit-telnet-0.17-12a.i386.rpm 394490b87437bd04ca4aff661c4f5fff SRPMS/netkit-telnet-0.17-12a.src.rpm
4.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh netkit-telnet-0.17-12a.i386.rpm
5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0
5.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS
The corresponding source code package can be found at:
ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/SRPMS
5.2 Verification
82e95fe89d065e3116253701004de600 RPMS/netkit-telnet-0.17-12a.i386.rpm 394490b87437bd04ca4aff661c4f5fff SRPMS/netkit-telnet-0.17-12a.src.rpm
5.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh netkit-telnet-0.17-12a.i386.rpm
6. OpenLinux eDesktop 2.4
6.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS
The corresponding source code package can be found at:
ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/SRPMS
6.2 Verification
e35ae266e108a9494f8dd89f96e4b889 RPMS/netkit-telnet-0.17-12a.i386.rpm 394490b87437bd04ca4aff661c4f5fff SRPMS/netkit-telnet-0.17-12a.src.rpm
6.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh netkit-telnet-0.17-12a.i386.rpm
7. OpenLinux 3.1 Server
7.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS
The corresponding source code package can be found at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS
7.2 Verification
498c44cc801022653ee6c692a8633d74 RPMS/netkit-telnet-0.17-12.i386.rpm ddd8cf299465d84d1044a13b8e340a23 SRPMS/netkit-telnet-0.17-12.src.rpm
7.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh netkit-telnet-0.17-12.i386.rpm or start kcupdate, the Caldera OpenLinux Update Manager.
8. OpenLinux 3.1 Workstation
8.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS
The corresponding source code package can be found at:
SRPMS
8.2 Verification
498c44cc801022653ee6c692a8633d74 RPMS/netkit-telnet-0.17-12.i386.rpm ddd8cf299465d84d1044a13b8e340a23 SRPMS/netkit-telnet-0.17-12.src.rpm
8.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh netkit-telnet-0.17-12.i386.rpm
or start kcupdate, the Caldera OpenLinux Update Manager.
9. References
This and other Caldera security resources are located at:
http://www.caldera.com/support/security/index.html
This security fix closes Caldera's internal Problem Report 10351.
10. Disclaimer
Caldera International, Inc. is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of Caldera OpenLinux.
11. Acknowledgements
Caldera wishes to thank Zen-Parse (zen-parse@gmx.net) for advance notification of this bug and his cooperation. ______________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE7c/Ef18sy83A/qfwRApFKAKCOz6jweWH+XIS4eNdnF2Dq3FEZrgCfUzlF 3JQNa+IP77hu313lcRhDsXM= =oLMd -----END PGP SIGNATURE-----
--------------------------------------------------------------------- To unsubscribe, e-mail: announce-unsubscribe@lists.caldera.com For additional commands, e-mail: announce-help@lists.caldera.com
|
|
|
|