6692982 2001-06-29 14:35 -0700 /73 lines/ Immunix Security Team <security@wirex.com>
Sent by: joel@lysator.liu.se
Imported: 2001-07-02 09:23 by Brevbäraren
External recipient: bugtraq@securityfocus.com
Recipient: Bugtraq (import) <17717>
Subject: xinetd update -- Immunix OS 7.0-beta, 7.0
------------------------------------------------------------
-----------------------------------------------------------------------
                     Immunix OS Security Advisory

Packages updated:     xinetd
Affected products:    Immunix OS 7.0-beta and 7.0
Bugs fixed:           immunix/1657
Date:                 Fri Jun 29 2001
Advisory ID:          IMNX-2001-70-029-01
Obsoletes:            IMNX-2001-70-024-01
Author:               Seth Arnold <sarnold@wirex.com>
-----------------------------------------------------------------------

Description:
  While researching the previous xinetd problem (announced by zen-parse and
  discussed in Immunix OS Advisory IMNX-2001-70-024-01), Sebastian Krahmer
  found improper handling of strings when the length argument passed to
  xinetd's own internal string handling functions is less than or equal to
  zero. We think this could lead to arbitrary code execution by remote
  attackers.

  Because the string handling functions are called with arguments both on
  the stack and on the heap, StackGuard is only partially effective at
  stopping possible attacks. As a result, we advise all Immunix OS 7.0 users
  to upgrade immediately.

  This advisory is released only for Immunix OS 7.0 because 6.2 used inetd.
  This advisory supersedes IMNX-2001-70-024-01.

  Thanks to Sebastian Krahmer for finding the problem and Rob Braun for
  fixing the problem upstream.
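The failure class the description refers to, as an added illustration that is not part of the advisory and not xinetd's code: a hypothetical bounded-copy helper with a signed length argument. The names (effective_length, safe_strncpy, heap_copy_result, stack_copy_result, copy_and_compare) and the buffer sizes are assumptions made for this example. It shows why a length of zero or less must be rejected before it reaches a size_t parameter (a negative int converts to a huge unsigned value), and that the check is the same whether the destination is on the stack or the heap; a stack canary such as StackGuard only guards stack frames, which is the advisory's point about partial effectiveness.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not xinetd code: models a string helper that takes a
 * signed length, the pattern the advisory says xinetd's internal string
 * functions mishandled for len <= 0.  All names here are hypothetical. */

/* What a signed length becomes once it is forwarded to a size_t parameter
 * (memcpy, strncpy, ...).  -1 turns into SIZE_MAX, so a "copy at most len
 * bytes" bound no longer bounds anything. */
size_t effective_length(int len)
{
    return (size_t)len;
}

/* Length of src, looking at no more than max bytes (no strnlen dependency). */
static size_t bounded_len(const char *src, size_t max)
{
    size_t n = 0;
    while (n < max && src[n] != '\0')
        n++;
    return n;
}

/* Hardened copy: validate len before any memory access.
 * Returns bytes copied (terminator excluded), or -1 if the call is rejected.
 * The checks do not depend on where dst lives, so they protect heap
 * destinations that a stack canary would never cover. */
int safe_strncpy(char *dst, size_t dst_size, const char *src, int len)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    if (len <= 0)                       /* the advisory's failure case */
        return -1;
    if ((size_t)len >= dst_size)        /* no room for data + terminator */
        return -1;
    size_t n = bounded_len(src, (size_t)len);
    memcpy(dst, src, n);
    dst[n] = '\0';
    return (int)n;
}

/* The helper applied to a 16-byte heap destination. */
int heap_copy_result(const char *src, int len)
{
    char *dst = malloc(16);
    if (dst == NULL)
        return -1;
    int r = safe_strncpy(dst, 16, src, len);
    free(dst);
    return r;
}

/* The helper applied to a 16-byte stack destination. */
int stack_copy_result(const char *src, int len)
{
    char dst[16];
    return safe_strncpy(dst, sizeof dst, src, len);
}

/* 1 if copying len bytes of src into a 16-byte stack buffer succeeds and
 * yields exactly expect, else 0. */
int copy_and_compare(const char *src, int len, const char *expect)
{
    char dst[16];
    if (safe_strncpy(dst, sizeof dst, src, len) < 0)
        return 0;
    return strcmp(dst, expect) == 0;
}

int main(void)
{
    printf("len -1 as size_t:   %zu\n", effective_length(-1));
    printf("stack copy, len 0:  %d\n", stack_copy_result("hello world", 0));
    printf("stack copy, len 5:  %d\n", stack_copy_result("hello world", 5));
    printf("heap copy,  len -1: %d\n", heap_copy_result("hello world", -1));
    printf("heap copy,  len 5:  %d\n", heap_copy_result("hello world", 5));
    return 0;
}
```

The rejected cases are reported through the return value rather than left to a canary or crash, which is what a defender wants from a string helper that receives lengths derived from network input.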
References:
  http://www.securityfocus.com/archive/1/194213
  http://www.securityfocus.com/advisories/3357

Package names and locations:

  Precompiled binary packages for Immunix 7.0-beta and 7.0 are available at:
    http://download.immunix.org/ImmunixOS/7.0/updates/RPMS/xinetd-2.3.0-1_imnx.i386.rpm

  Source package for Immunix 7.0-beta and 7.0 is available at:
    http://download.immunix.org/ImmunixOS/7.0/updates/SRPMS/xinetd-2.3.0-1_imnx.src.rpm

Immunix OS 7.0 md5sums:
  8d7e57365bb522c484e4e7435ca9eec5  RPMS/xinetd-2.3.0-1_imnx.i386.rpm
  294cfb7c6bd84e6ed27e723872179c1e  SRPMS/xinetd-2.3.0-1_imnx.src.rpm

GPG verification:
  Our public key is available at <http://wirex.com/security/GPG_KEY>.
  *** NOTE *** This key is different from the one used in advisories
  IMNX-2001-70-020-01 and earlier.

Online version of all Immunix 6.2 updates and advisories:
  http://immunix.org/ImmunixOS/6.2/updates/

Online version of all Immunix 7.0-beta updates and advisories:
  http://immunix.org/ImmunixOS/7.0-beta/updates/

Online version of all Immunix 7.0 updates and advisories:
  http://immunix.org/ImmunixOS/7.0/updates/

NOTE: Ibiblio is graciously mirroring our updates, so if the links above are
slow, please try:
  ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
or one of the many mirrors available at:
  http://www.ibiblio.org/pub/Linux/MIRRORS.html

Contact information:
  To report vulnerabilities, please contact security@wirex.com. WireX attempts
  to conform to the RFP vulnerability disclosure protocol
  <http://www.wiretrip.net/rfp/policy.html>.
(6692982) /Immunix Security Team <security@wirex.com>/(reflowed)
Attachment (application/pgp-signature) in text 6692983

6692983 2001-06-29 14:35 -0700 /10 lines/ Immunix Security Team <security@wirex.com>
Imported: 2001-07-02 09:23 by Brevbäraren
External recipient: bugtraq@securityfocus.com
Recipient: Bugtraq (import) <17718>
Attachment (text/plain) to text 6692982
Subject: Attachment to: xinetd update -- Immunix OS 7.0-beta, 7.0
------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjs89IgACgkQVQcWL60UVMvxzACfXM+/1YMQLNhaNbbZNvldpB/I
MrUAnjLkTZLAdc0zHbuW0I3lwZ257Eqb
=U3zR
-----END PGP SIGNATURE-----
(6692983) /Immunix Security Team <security@wirex.com>/