The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


SuSE Security Announcement: nkitb/nkitserv (SuSE-SA:2001:07)


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: Thu, 22 Mar 2001 20:33:54 +0100
From: Thomas Biege <[email protected]>
To: [email protected]
Subject: SuSE Security Announcement: nkitb/nkitserv (SuSE-SA:2001:07)

-----BEGIN PGP SIGNED MESSAGE-----

___________________________________________________________________________=
___

                        SuSE Security Announcement

        Package:                nkitb/nkitserv
        Announcement-ID:        SuSE-SA:2001:07
        Date:                   Thursday, March 22th, 2001 19.06 MEST
        Affected SuSE versions: 6.1, 6.2, 6.3, 6.4, 7.0, 7.1
        Vulnerability Type:     remote denial-of-service
        Severity (1-10):        4
        SuSE default package:   yes: in.ftpd, no: timed
        Other affected systems: all system using in.ftpd (OpenBSD port) or =
timed

        Content of this advisory:
        1) security vulnerability resolved: timed, in.ftpd
           problem description, discussion, solution and upgrade informatio=
n
        2) pending vulnerabilities, solutions, workarounds
        3) standard appendix (further information)

___________________________________________________________________________=
___

1)  problem description, brief discussion, solution, upgrade information

    Two parts of the nkitb/nkitserv package are vulnerable to security rela=
ted
    bugs.
    in.ftpd(8):
    A one-byte bufferoverflow was discovered in the OpenBSD port of the
    FTP daemon in.ftpd(8) several weeks ago.
    This bug could just be triggered by authenticated users, which have wri=
te
    access. This bug is believed to not be exploitable under Linux. However=
,
    we prefer to provide a fixed update package to make sure that the daemo=
n
    is on the safe side.
    in.ftpd(8) will be invoked by inetd(8) and is activated by default.

    timed(8):
    The time server daemon timed(8), which is started at boot time, tries t=
o
    synchronize the local host time with the time of other machines on the
    local area network.
    A bug in timed(8) was reported by the FreeBSD Security Officer, that co=
uld
    be triggered remotely to crash the time server daemon.

    For SuSE 6.1-6.4 in.ftpd and timed were part of nkitb.
    Users of SuSE 7.0 need to download the nkitserv package for both in.ftp=
d
    and timed.
    The bug in in.ftpd is fixed in SuSE 7.1, so nkitserv for SuSE 7.1 just
    includes a new version of timed(8).

    Download the update package from locations desribed below and install
    the package with the command `rpm -Uhv file.rpm'. The md5sum for each
    file is in the line below. You can verify the integrity of the rpm
    files using the command
        `rpm --checksig --nogpg file.rpm',
    independently from the md5 signatures below.



    i386 Intel Platform:

    SuSE-7.1
    ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/nkitserv-2001.3.16-0.i38=
6.rpm
      c4313f92a36916f0eba0b8837c9c0c81
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/nkitb-2001.3.16-1.src.r=
pm
      ec452523fa25c8aed962fbd3349d1f3d

    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/nkitserv-2001.3.16-0.i38=
6.rpm
      02772824805c6c4293bd1750d7bda6d3
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/nkitb-2001.3.16-1.src.r=
pm
      5d301edc1b1ec9111572815aace33984

    SuSE-6.4
    ftp://ftp.suse.com/pub/suse/i386/update/6.4/a1/nkitb-2001.3.16-1.i386.r=
pm
      842dea179cc449c4af25accf0c3f38ec
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/nkitb-2001.3.16-1.src.r=
pm
      c099e7c1194b7706100453a89433b59c

    SuSE-6.3
    ftp://ftp.suse.com/pub/suse/i386/update/6.3/a1/nkitb-2001.3.16-0.i386.r=
pm
      768a636df4731cd8efd181aa2eaf2e60
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/nkitb-2001.3.16-0.src.r=
pm
      b705425c4c3cb70ebf9cd1345c92104a

    SuSE-6.2
    ftp://ftp.suse.com/pub/suse/i386/update/6.2/a1/nkitb-2001.3.16-0.i386.r=
pm
      cbae31148c79c91a1443f79ee1ba34d3
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/nkitb-2001.3.16-0.src.r=
pm
      d287c01d35d00756ecbf8da04556037c

    SuSE-6.1
    ftp://ftp.suse.com/pub/suse/i386/update/6.1/a1/nkitb-2001.3.16-0.i386.r=
pm
      5f45ade69a9e8c2756e671c4a6e3522a
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/nkitb-2001.3.16-0.src.r=
pm
      62b969c4e666f3ea71b6ce6b31762718



    Sparc Platform:

    SuSE-7.1
    ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n1/nkitserv-2001.3.16-0.sp=
arc.rpm
      142329dcae76a1603c0d84836192e357
    source rpm:
    ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/nkitb-2001.3.16-0.src.=
rpm
      5bd9123cecba6ddd42cc965c599f383e

    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/nkitserv-2001.3.16-0.sp=
arc.rpm
      07ed33c76c7ae2df5b877003b254944d
    source rpm:
    ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/nkitb-2001.3.16-0.src.=
rpm
      66ba7b71624f636e24e2d628c8f06e81



    AXP Alpha Platform:

    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/nkitserv-2001.3.16-0.alph=
a.rpm
      5fcf177588788eb069bdb69332046d23
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/nkitb-2001.3.16-0.src.rp=
m
      c27ed3bf0c293eaa77fe5a8fa960e95d

    SuSE-6.4
    ftp://ftp.suse.com/pub/suse/axp/update/6.4/a1/nkitb-2001.3.16-0.alpha.r=
pm
      385fa60c0c216f1d9e61afd52d37df93
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/nkitb-2001.3.16-0.src.rp=
m
      5ba60084740c9be9f89a729e2d21a77c

    SuSE-6.3
    ftp://ftp.suse.com/pub/suse/axp/update/6.3/a1/nkitb-2001.3.16-0.alpha.r=
pm
      8a9e207a77e3c7f954e8faa91954f7aa
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/nkitb-2001.3.16-0.src.rp=
m
      53f8a03feacc7fb81b92a726c8e81d21

    SuSE-6.1
    ftp://ftp.suse.com/pub/suse/axp/update/6.1/a1/nkitb-2001.3.16-0.alpha.r=
pm
      359a3432f73220cecd42ba0b365d5e06
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/nkitb-2001.3.16-0.src.rp=
m
      e0ccf6395312f9c33518f5f083c9d51f



    PPC PowerPC Platform:

    SuSE-7.1
    ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n1/nkitserv-2001.3.16-0.ppc.=
rpm
      37bf5a963bc93215084b5634e864479c
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/nkitb-2001.3.16-0.src.rp=
m
      c31af637f58d9b43db542657b02bc772


    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/nkitserv-2001.3.16-1.ppc.=
rpm
      ddc1dcfb94ba90f3cbdf395f89dd3b84
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/nkitb-2001.3.16-1.src.rp=
m
      2fa9c58b871248172285a64107e3be7c

    SuSE-6.4
    ftp://ftp.suse.com/pub/suse/ppc/update/6.4/a1/nkitb-2001.3.16-0.ppc.rpm
      1dc4c831b5f6bd344ab8f511497b3fa5
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/nkitb-2001.3.16-0.src.rp=
m
      5529e5f63e2391ab1669efa0a8c33b57

___________________________________________________________________________=
___

2)  Pending vulnerabilities in SuSE Distributions and Workarounds:

    - joe (configuration file vulnerability): The problem has been reported
      on multiple security-related mailing lists. We are about to provide
      fixed packages.

    - The game spaceboom (SVGA shoot'em up) has been found vulnerable to
      multiple vulnerabilities. As a reaction to these bugs, the spaceboom
      game has been dropped from the distribution. We recommend to deinstal=
l
      the game from our 6.x and 7.x distribution by using the command
      `rpm -e space=B4, or to remove the suid bit from the file
      /usr/games/SpaceBoom/SpaceBoom using the command
      `chmod -s /usr/games/SpaceBoom/SpaceBoom=B4.
      (Note: removing the suid bit prevents the game from being used by
      non-root users and from being reinstalled after removal.)

    - We are in the process of preparing update packages for the man packag=
e
      which has been found vulnerable to a commandline format string bug.
      The man command is installed suid man on SuSE systems. When exploited=
,
      the bug can be used to install a different man binary to introduce a
      trojan into the system. As an interim workaround, we recommend to
      `chmod -s /usr/bin/man=B4 and ignore the warnings and errors when
      viewing manpages.

    - The file browser MidnightCommander (mc) is vulnerable to unwanted
      program execution. Updates are currently being built.

    - New RPMs, that fix' a vulnerbility in the eperl package for SuSE 6.1-=
7.1 are
      currently being built.

___________________________________________________________________________=
___

3)  standard appendix:

    SuSE runs two security mailing lists to which any interested party may
    subscribe:

    [email protected]
        -   general/linux/SuSE security discussion.
            All SuSE security announcements are sent to this list.
            To subscribe, send an email to
                <[email protected]>.

    [email protected]
        -   SuSE's announce-only mailing list.
            Only SuSE's security annoucements are sent to this list.
            To subscribe, send an email to
                <[email protected]>.

    For general information or the frequently asked questions (faq)
    send mail to:
        <[email protected]> or
        <[email protected]> respectively.

    =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
    SuSE's security contact is <[email protected]>.
    =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

___________________________________________________________________________=
___

    The information in this advisory may be distributed or reproduced,
    provided that the advisory is not modified in any way.
    SuSE GmbH makes no warranties of any kind whatsoever with respect
    to the information contained in this security advisory.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBOrpHQ3ey5gA9JdPZAQEWXwf/TwIX3tVUM4l32z6efEOdiLPNe0FmdImz
kgFkyWX+aDSLIVvhoqjpfr7DjD0p2Run9d1BjdLoTGqUgFZf+WR5yZWUbR94+5wN
ahaoKWHMGGxHxynrbr+YnlOFyKH1Zv3HqFbsY/KTrVSsWCsbqsqs1wd8ePVG/El9
oODwYHDBlMHGu+tXRqXAMhxGgrlMw5Id2fQEXVXvQu6/OJjqjzeRDHCA05vw/lZK
hK0vAPbU3UKHkgbHLmA1kKyqMIYJZcSWDngv6IOWrS/5MyoswL8sWcda+7Z3omyL
885DLHrszKcnH2mYzVeVV/ZYE2u711dhVRn+FEHIxukNty0un6rLaQ=3D=3D
=3DaQ3n
-----END PGP SIGNATURE-----

Bye,
     Thomas
--=20
  Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
  E@mail: [email protected]      Function: Security Support & Auditing
  "lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
   Key fingerprint =3D 09 48 F2 FD 81 F7 E7 98  6D C7 36 F1 96 6A 12 47

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру