Never mind. I misread that, the "prior to" stuff. And I also see that the LDAP
version difference (v2 and v3) is a reason to have both in there.

Please excuse this useless mail; I'm a jackass and haven't had my coffee
yet.

On Tue, Jul 17, 2001 at 10:20:19AM -0500, Ben Lutgens wrote:
>Please see the attached advisory.
>
>Since we have openldap-2.0.11 in portage I recommend that we remove the
>older one based upon answers to the following questions.
>
>1.) Does the openldap-2.0.11 package compile and work o.k.?
>2.) Is there a valid reason for leaving the older ebuilds in the tree?
>3.) Does anyone care?
>
>I'll wait for this thread to progress before removing / modifying the
>net-nds/openldap/ directory in portage.
>
>
>CERT Advisory CA-2001-18 Multiple Vulnerabilities in Several
>Implementations of the Lightweight Directory Access Protocol (LDAP)
>
> Original release date: July 16, 2001
> Last revised: --
> Source: CERT/CC
>
> A complete revision history can be found at the end of this file.
>
>Systems Affected
>
> * iPlanet Directory Server, version 5.0 Beta and versions up to and
>   including 4.13
> * Certain versions of IBM SecureWay running under Solaris and
>   Windows 2000
> * Lotus Domino R5 Servers (Enterprise, Application, and Mail), prior
>   to 5.0.7a
> * Teamware Office for Windows NT and Solaris, prior to version
>   5.3ed1
> * Qualcomm Eudora WorldMail for Windows NT, version 2
> * Microsoft Exchange 5.5 LDAP Service (Hotfix pending)
> * Network Associates PGP Keyserver 7.0, prior to Hotfix 2
> * Oracle 8i Enterprise Edition
> * OpenLDAP, 1.x prior to 1.2.12 and 2.x prior to 2.0.8
>
>Overview
>
> Several implementations of the Lightweight Directory Access Protocol
> (LDAP) protocol contain vulnerabilities that may allow
> denial-of-service attacks, unauthorized privileged access, or both. If
> your site uses any of the products listed in this advisory, the CERT/CC
> encourages you to follow the advice provided in the Solution section
> below.
>
>I. Description
>
> The LDAP protocol provides access to directories that support the X.500
> directory semantics without requiring the additional resources of
> X.500. A directory is a collection of information such as names,
> addresses, access control lists, and cryptographic certificates.
> Because LDAP servers are widely used in maintaining corporate contact
> information and providing authentication services, any threats to their
> integrity or stability can jeopardize the security of an organization.
>
> To test the security of protocols like LDAP, the PROTOS project
> presents a server with a wide variety of sample packets containing
> unexpected values or illegally formatted data. This approach may reveal
> vulnerabilities that would not manifest themselves under normal
> conditions. As a member of the PROTOS project consortium, the Oulu
> University Secure Programming Group (OUSPG) co-developed and
> subsequently used the PROTOS LDAPv3 test suite to study several
> implementations of the LDAP protocol.
>
> The PROTOS LDAPv3 test suite is divided into two main sections: the
> "Encoding" section, which tests an LDAP server's response to packets
> that violate the Basic Encoding Rules (BER), and the "Application"
> section, which tests an LDAP server's response to packets that trigger
> LDAP-specific application anomalies. Each section is further divided
> into "groups" that collectively exercise a particular encoding or
> application feature. Finally, each group contains one or more "test
> cases," which represent the network packets that are used to test
> individual exceptional conditions.
>
> By applying the PROTOS LDAPv3 test suite to a variety of popular
> LDAP-enabled products, the OUSPG revealed the following
> vulnerabilities:
>
> VU#276944 - iPlanet Directory Server contains multiple vulnerabilities
> in LDAP handling code
>
> The iPlanet Directory Server contains multiple vulnerabilities in
> the code that processes LDAP requests.
>
> In the encoding section of the test suite, this product had an
> indeterminate number of failures in the group that tests invalid
> BER length of length fields.
>
> In the application section of the test suite, this product failed
> four groups and had inconclusive results for an additional five
> groups. The four failed groups indicate the presence of buffer
> overflow vulnerabilities. For the inconclusive groups, the product
> exhibited suspicious behavior while testing for format string
> vulnerabilities.
>
> VU#505564 - IBM SecureWay Directory is vulnerable to denial-of-service
> attacks via LDAP handling code
>
> The IBM SecureWay Directory server contains one or more
> vulnerabilities in the code that processes LDAP requests. These
> vulnerabilities were discovered independently by IBM using the
> PROTOS LDAPv3 test suite. The CERT/CC is not currently aware of the
> nature of these vulnerabilities.
>
> VU#583184 - Lotus Domino R5 Server Family contains multiple
> vulnerabilities in LDAP handling code
>
> The Lotus Domino R5 Server Family (including the Enterprise,
> Application, and Mail servers) contains multiple vulnerabilities in
> the code that processes LDAP requests.
>
> In the encoding section of the test suite, this product failed 1 of
> 77 groups. The failed group tests a server's response to
> miscellaneous packets with semi-valid BER encodings.
>
> In the application section of the test suite, this product failed
> 23 of 77 groups. These results suggest that both buffer overflow
> and format string vulnerabilities are likely to be present in a
> variety of application components.
>
> VU#688960 - Teamware Office contains multiple vulnerabilities in LDAP
> handling code
>
> The Teamware Office suite is packaged with a combination X.500/LDAP
> server that provides directory services. Multiple versions of the
> Office product contain vulnerabilities that cause the LDAP server
> to crash in response to traffic sent by the PROTOS LDAPv3 test
> suite.
>
> In the encoding section of the test suite, this product failed 9 of
> 16 groups involving invalid encodings for several BER object types.
>
> In the application section of the test suite, this product failed 4
> of 32 groups. The remaining 45 groups were not exercised during the
> test runs. The four failed groups indicate the presence of buffer
> overflow vulnerabilities.
>
> VU#717380 - Potential vulnerabilities in Qualcomm Eudora WorldMail
> Server LDAP handling code
>
> While investigating the vulnerabilities reported by OUSPG, it was
> brought to our attention that the Eudora WorldMail Server may
> contain vulnerabilities that can be triggered via the PROTOS test
> suite. The CERT/CC has reported this possibility to Qualcomm and an
> investigation is pending.
>
> VU#763400 - Microsoft Exchange 5.5 LDAP Service is vulnerable to
> denial-of-service attacks
>
> The Microsoft Exchange 5.5 LDAP Service contains a vulnerability
> that causes the LDAP server to freeze in response to malformed LDAP
> requests generated by the PROTOS test suite. This only affects the
> LDAP service; all other Exchange services, including mail handling,
> continue normally.
>
> Although this product was not included in OUSPG's initial testing,
> subsequent informal testing revealed that the LDAP service of the
> Microsoft Exchange 5.5 became unresponsive while processing test
> cases containing exceptional BER encodings for the LDAP filter type
> field.
>
> VU#765256 - Network Associates PGP Keyserver contains multiple
> vulnerabilities in LDAP handling code
>
> The Network Associates PGP Keyserver 7.0 contains multiple
> vulnerabilities in the code that processes LDAP requests.
>
> In the encoding section of the test suite, this product failed 12
> of 16 groups.
>
> In the application section of the test suite, this product failed 1
> of 77 groups. The failed group focused on out-of-bounds integer
> values for the messageID parameter. Due to a peculiarity of this
> test group, this failure may actually represent an encoding
> failure.
>
> VU#869184 - Oracle 8i Enterprise Edition contains multiple
> vulnerabilities in LDAP handling code
>
> The Oracle 8i Enterprise Edition server contains multiple
> vulnerabilities in the code used to process LDAP requests.
>
> In the encoding section of the test suite, this product failed an
> indeterminate number of test cases in the group that tests a
> server's response to invalid encodings of BER OBJECT-IDENTIFIER
> values.
>
> In the application section of the test suite, this product failed
> 46 of 77 groups. These results suggest that both buffer overflow
> and format string vulnerabilities are likely to be present in a
> variety of application components.
>
> VU#935800 - Multiple versions of OpenLDAP are vulnerable to
> denial-of-service attacks
>
> There are multiple vulnerabilities in the OpenLDAP implementations
> of the LDAP protocol. These vulnerabilities exist in the code that
> translates network datagrams into application-specific information.
>
> In the encoding section of the test suite, this product failed the
> group that tests the handling of invalid BER length of length
> fields.
>
> In the application section of the test suite, this product passed
> all 6685 test cases.
>
>Additional Information
>
> For the most up-to-date information regarding these vulnerabilities,
> please visit the CERT/CC Vulnerability Notes Database at:
>
> http://www.kb.cert.org/vuls/
>
> Please note that the test results summarized above should not be
> interpreted as a statement of overall software quality. However, the
> CERT/CC does believe that these results are useful in describing the
> characteristics of these vulnerabilities. For example, an application
> that fails multiple groups indicates that problems exist in different
> areas of the code, rather than in a specific code segment.
>
>II. Impact
>
> VU#276944 - iPlanet Directory Server contains multiple vulnerabilities
> in LDAP handling code
>
> One or more of these vulnerabilities allow a remote attacker to
> execute arbitrary code with the privileges of the Directory Server.
> The server typically runs with system privileges. At least one of
> these vulnerabilities has been successfully exploited in a
> laboratory environment under Windows NT 4.0, but they may affect
> other platforms as well.
>
> VU#505564 - IBM SecureWay Directory is vulnerable to denial-of-service
> attacks via LDAP handling code
>
> These vulnerabilities allow a remote attacker to crash affected
> SecureWay Directory servers, resulting in a denial-of-service
> condition. It is not known at this time whether these
> vulnerabilities will allow a remote attacker to execute arbitrary
> code. These vulnerabilities exist on the Solaris and Windows 2000
> platforms but are not present under Windows NT, AIX, and AIX with
> SSL.
>
> VU#583184 - Lotus Domino R5 Server Family contains multiple
> vulnerabilities in LDAP handling code
>
> One or more of these vulnerabilities allow a remote attacker to
> execute arbitrary code with the privileges of the Domino
> server. The server typically runs with system privileges. At least
> one of these vulnerabilities has been successfully exploited in a
> laboratory environment.
>
> VU#688960 - Teamware Office contains multiple vulnerabilities in LDAP
> handling code
>
> These vulnerabilities allow a remote attacker to crash affected
> Teamware LDAP servers, resulting in a denial-of-service condition.
> They may also allow a remote attacker to execute arbitrary code
> with the privileges of the Teamware server. The server typically
> runs with system privileges.
>
> VU#717380 - Potential vulnerabilities in Qualcomm Eudora WorldMail
> Server LDAP handling code
>
> The CERT/CC has not yet determined the impact of this vulnerability.
>
> VU#763400 - Microsoft Exchange 5.5 LDAP Service is vulnerable to
> denial-of-service attacks
>
> This vulnerability allows a remote attacker to crash the LDAP
> component of vulnerable Exchange 5.5 servers, resulting in a
> denial-of-service condition within the LDAP component.
>
> VU#765256 - Network Associates PGP Keyserver contains multiple
> vulnerabilities in LDAP handling code
>
> One or more of these vulnerabilities allow a remote attacker to
> execute arbitrary code with the privileges of the Keyserver. The
> server typically runs with system privileges. At least one of these
> vulnerabilities has been successfully exploited in a laboratory
> environment.
>
> VU#869184 - Oracle 8i Enterprise Edition contains multiple
> vulnerabilities in LDAP handling code
>
> One or more of these vulnerabilities allow a remote attacker to
> execute arbitrary code with the privileges of the Oracle
> server. The server typically runs with system privileges. At least
> one of these vulnerabilities has been successfully exploited in a
> laboratory environment.
>
> VU#935800 - Multiple versions of OpenLDAP are vulnerable to
> denial-of-service attacks
>
> These vulnerabilities allow a remote attacker to crash affected
> OpenLDAP servers, resulting in a denial-of-service condition.
>
>III. Solution
>
>Apply a patch from your vendor
>
> Appendix A contains information provided by vendors for this advisory.
> Please consult this appendix to determine if you need to contact your
> vendor directly.
>
>Block access to directory services at network perimeter
>
> As a temporary measure, it is possible to limit the scope of these
> vulnerabilities by blocking access to directory services at the
> network perimeter. Please note that this workaround does not protect
> vulnerable products from internal attacks.
>
> ldap 389/tcp # Lightweight Directory Access Protocol
> ldap 389/udp # Lightweight Directory Access Protocol
> ldaps 636/tcp # ldap protocol over TLS/SSL (was sldap)
> ldaps 636/udp # ldap protocol over TLS/SSL (was sldap)
>
>Appendix A. - Vendor Information
>
> This appendix contains information provided by vendors for this
> advisory. As vendors report new information to the CERT/CC, we will
> update this section and note the changes in our revision history. If a
> particular vendor is not listed below, we have not received their
> comments.
>
>IBM Corporation
>
> IBM and Tivoli are currently investigating the details of the
> vulnerabilities in the various versions of the SecureWay product
> family.
>
> Fixes are being implemented as these details become known.
>
> Fixes will be posted to the download sites (IBM or Tivoli) for the
> affected platform. See http://www-1.ibm.com/support under "Server
> Downloads" or "Software Downloads" for links to the fix distribution
> sites.
>
>iPlanet E-Commerce Solutions
>
> [CERT/CC Addendum: These vulnerabilities were originally discovered in
> Directory Server 5.0 Beta and were later found to exist in versions up
> to and including version 4.13. These vulnerabilities have been
> addressed in the released version of Directory Server 5.0.]
>
>Lotus Development Corporation
>
> Lotus reproduced the problem as reported by OUSPG and documented it in
> SPR#DWUU4W6NC8.
>
> Lotus considers security issues as top priority, so we acted quickly
> to resolve the problem in a maintenance update to Domino. It was
> addressed in Domino R5.0.7a, which was released on May 18th, 2001.
> This release can be downloaded from Notes.net at
>
> http://www.notes.net/qmrdown.nsf/qmrwelcome.
>
> The fix is documented in the fix list at
>
> http://www.notes.net/r5fixlist.nsf/Search!SearchView&Query=DWUU4W6NC8
>
>Microsoft Corporation
>
> Microsoft is developing a hotfix for this issue which will be
> available shortly.
>
> Customers can obtain this hotfix by contacting Product Support
> Services at no charge and asking for Q303448 and Q303450. Information
> on contacting Microsoft Product Support Services can be found at
>
> http://www.microsoft.com/support/
>
>Network Associates, Inc.
>
> Network Associates has resolved these vulnerabilities in Hotfix 2 for
> both Solaris and Windows NT. All Network Associates Enterprise Support
> customers have been notified and have been provided access to the
> Hotfix.
>
> This Hotfix can be downloaded at
>
> http://www.pgp.com/downloads/default.asp
>
>The OpenLDAP Project
>
> [CERT/CC Addendum: To address these vulnerabilities, the OpenLDAP
> Project has released OpenLDAP 1.2.12 for use in LDAPv2 environments
> and OpenLDAP 2.0.8 for use in LDAPv3 environments. The CERT/CC
> recommends that users of OpenLDAP contact their software vendor or
> obtain the latest version, available at
> http://www.openLDAP.org/software/download/.]
>
>QUALCOMM Incorporated
>
> The LDAP service in WorldMail may be vulnerable to this exploit, but
> our tests so far have been inconclusive. At this time, we strongly
> urge all WorldMail customers to ensure that the LDAP service is not
> accessible from outside their organization nor by untrusted users.
>
>The Teamware Group
>
> An issue has been discovered with Teamware Office Enterprise Directory
> (LDAP server) that shows an abnormal termination or loop when the LDAP
> server encounters maliciously or incorrectly created LDAP request
> data.
>
> If the maliciously formatted LDAP request data is requested, the LDAP
> server may excessively copy the LDAP request data to the stack area.
>
> This overflow is likely to cause execution of malicious code. In other
> cases, the LDAP server may go into abnormal termination or an infinite
> loop.
>
> [CERT/CC Addendum: Teamware has provided additional documentation of
> these issues in their "Teamware Solution Database," available at
> http://support.teamw.com/Online/s_database1.shtml. Registered users
> can find information on these vulnerabilities by searching for
> document #010703-0000 for Windows NT or document #010703-0001 for
> Solaris.]
>
>Appendix B. - Supplemental Information
>
>The PROTOS Project
>
> The PROTOS project is a research partnership between the University of
> Oulu and VTT Electronics, an independent research organization owned
> by the Finnish government. The project studies methods by which
> protocol implementations can be tested for information security
> defects.
>
> Although the vulnerabilities discussed in this advisory relate
> specifically to the LDAP protocol, the methodology used to research,
> develop, and deploy the PROTOS LDAPv3 test suite can be applied to any
> communications protocol.
>
> For more information on the PROTOS project and its collection of test
> suites, please visit
>
> http://www.ee.oulu.fi/research/ouspg/protos/
>
>ASN.1 and the BER
>
> Abstract Syntax Notation One (ASN.1) is a flexible notation that
> allows one to define a variety of data types. The Basic Encoding Rules
> (BER) describe how to represent or encode the values of each ASN.1
> type as a string of octets. This allows programmers to encode and
> decode data for platform-independent transmission over a network.
>
>References
>
> The following is a list of URLs referenced in this advisory as well as
> other useful sources of information:
>
> http://www.cert.org/advisories/CA-2001-18.html
> http://www.ietf.org/rfc/rfc2116.txt
> http://www.ietf.org/rfc/rfc2251.txt
> http://www.ietf.org/rfc/rfc2252.txt
> http://www.ietf.org/rfc/rfc2253.txt
> http://www.ietf.org/rfc/rfc2254.txt
> http://www.ietf.org/rfc/rfc2255.txt
> http://www.ietf.org/rfc/rfc2256.txt
> http://www.ee.oulu.fi/research/ouspg/protos/
> http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
> http://www.kb.cert.org/vuls/
> http://www.kb.cert.org/vuls/id/276944
> http://www.kb.cert.org/vuls/id/505564
> http://www.kb.cert.org/vuls/id/583184
> http://www.kb.cert.org/vuls/id/688960
> http://www.kb.cert.org/vuls/id/717380
> http://www.kb.cert.org/vuls/id/763400
> http://www.kb.cert.org/vuls/id/765256
> http://www.kb.cert.org/vuls/id/869184
> http://www.kb.cert.org/vuls/id/935800
> _________________________________________________________________
>
> The CERT Coordination Center thanks the Oulu University Secure
> Programming Group for reporting these vulnerabilities to us, for their
> detailed technical analyses, and for their assistance in preparing
> this advisory. We also thank the many vendors who provided feedback
> regarding their respective vulnerabilities.
> _________________________________________________________________
>
> Authors: Jeffrey P. Lanza and Cory F. Cohen. Feedback on this advisory
> is greatly appreciated.
>
>______________________________________________________________________
>
> This document is available from:
> http://www.cert.org/advisories/CA-2001-18.html
>
>______________________________________________________________________
>
>CERT/CC Contact Information
>
> Email: cert@××××.org
> Phone: +1 412-268-7090 (24-hour hotline)
> Fax: +1 412-268-6989
> Postal address:
> CERT Coordination Center
> Software Engineering Institute
> Carnegie Mellon University
> Pittsburgh PA 15213-3890
> U.S.A.
>
> CERT personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4)
> Monday through Friday; they are on call for emergencies during other
> hours, on U.S. holidays, and on weekends.
>
>Using encryption
>
> We strongly urge you to encrypt sensitive information sent by email.
> Our public PGP key is available from
>
> http://www.cert.org/CERT_PGP.key
>
> If you prefer to use DES, please call the CERT hotline for more
> information.
>
>Getting security information
>
> CERT publications and other security information are available from
> our web site
>
> http://www.cert.org/
>
> To subscribe to the CERT mailing list for advisories and bulletins,
> send email to majordomo@××××.org. Please include in the body of your
> message
>
> subscribe cert-advisory
>
> * "CERT" and "CERT Coordination Center" are registered in the U.S.
> Patent and Trademark Office.
>
>______________________________________________________________________
>
> NO WARRANTY
> Any material furnished by Carnegie Mellon University and the Software
> Engineering Institute is furnished on an "as is" basis. Carnegie
> Mellon University makes no warranties of any kind, either expressed or
> implied as to any matter including, but not limited to, warranty of
> fitness for a particular purpose or merchantability, exclusivity or
> results obtained from use of the material. Carnegie Mellon University
> does not make any warranty of any kind with respect to freedom from
> patent, trademark, or copyright infringement.
> _________________________________________________________________
>
> Conditions for use, disclaimers, and sponsorship information
>
> Copyright 2001 Carnegie Mellon University.
>
> Revision History
>Jul 16, 2001: Initial release
>
>
>----- End forwarded message -----
>
>--
>Ben Lutgens
>Sistina Software Inc.
>Kernel panic: I have no root and I want to scream

--
Ben Lutgens
Sistina Software Inc.
Kernel panic: I have no root and I want to scream
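The advisory's encoding groups probe exactly the places where a hand-written BER decoder tends to trust the wire: the "length of length" field (which both iPlanet and OpenLDAP failed) and out-of-bounds messageID integers (the PGP Keyserver failure). The following is an added example, not code from the advisory or from any vendor named in it: a defensive decoder for the outer LDAPMessage header that refuses those encodings instead of acting on them. The packets are constructed for this example, and the 4-octet length-of-length cap is an assumed implementation limit (the messageID range is the one RFC 2251 specifies).

```python
"""Defensive BER length and LDAPMessage header checks (added example, not
code from the advisory or from any vendor named in it)."""

MAX_LENGTH_OF_LENGTH = 4    # assumed limit: refuse lengths wider than 32 bits
MAX_MESSAGE_ID = 2**31 - 1  # LDAP messageID is INTEGER (0 .. maxInt), RFC 2251


class BerError(ValueError):
    """Raised for any encoding the parser refuses to accept."""


def read_length(buf: bytes, pos: int) -> tuple:
    """Decode a BER length at buf[pos]; return (length, offset of the value).

    Rejects what the PROTOS encoding groups probe: indefinite form, the
    reserved 0xFF octet, a length-of-length wider than the cap, a truncated
    length field, and a length larger than the data actually present.
    """
    if pos >= len(buf):
        raise BerError("truncated: no length octet")
    first = buf[pos]
    pos += 1
    if first < 0x80:                    # short form: 0..127 in one octet
        length = first
    elif first == 0x80:
        raise BerError("indefinite length is not permitted in LDAP")
    elif first == 0xFF:
        raise BerError("reserved length-of-length octet 0xFF")
    else:
        n = first & 0x7F                # long form: n further length octets
        if n > MAX_LENGTH_OF_LENGTH:
            raise BerError(f"length-of-length {n} exceeds {MAX_LENGTH_OF_LENGTH}")
        if pos + n > len(buf):
            raise BerError("truncated: length-of-length runs past the buffer")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise BerError(f"length {length} exceeds remaining {len(buf) - pos} bytes")
    return length, pos


def read_tlv(buf: bytes, pos: int = 0) -> tuple:
    """Read one (tag, value, end_offset) triple; LDAP uses single-octet tags."""
    if pos >= len(buf):
        raise BerError("truncated: no tag octet")
    tag = buf[pos]
    if tag & 0x1F == 0x1F:
        raise BerError("multi-octet tags are not used by LDAP")
    length, start = read_length(buf, pos + 1)
    return tag, buf[start:start + length], start + length


def parse_message_id(packet: bytes) -> int:
    """Validate the outer LDAPMessage SEQUENCE and return a sane messageID."""
    tag, body, _ = read_tlv(packet)
    if tag != 0x30:
        raise BerError("LDAPMessage must be a SEQUENCE (tag 0x30)")
    tag, raw_id, _ = read_tlv(body)
    if tag != 0x02 or not 1 <= len(raw_id) <= 4:
        raise BerError("messageID must be an INTEGER of 1..4 octets")
    value = int.from_bytes(raw_id, "big", signed=True)
    if not 0 <= value <= MAX_MESSAGE_ID:
        raise BerError(f"messageID {value} outside 0..{MAX_MESSAGE_ID}")
    return value


def classify(packet: bytes) -> str:
    """Summarise one packet as 'accept <id>' or 'reject <reason>'."""
    try:
        return f"accept {parse_message_id(packet)}"
    except BerError as exc:
        return f"reject {exc}"


# Constructed sample packets: messageID 7 followed by an UnbindRequest (0x42 0x00).
SAMPLES = {
    "short_form":          b"\x30\x05\x02\x01\x07\x42\x00",
    "long_form":           b"\x30\x81\x05\x02\x01\x07\x42\x00",  # still valid BER
    "length_of_length_5":  b"\x30\x85\x00\x00\x00\x00\x05\x02\x01\x07\x42\x00",
    "reserved_ff":         b"\x30\xff\x02\x01\x07\x42\x00",
    "oversized_length":    b"\x30\x84\x7f\xff\xff\xff\x02\x01\x07\x42\x00",
    "truncated":           b"\x30\x05\x02\x01",
    "negative_message_id": b"\x30\x08\x02\x04\x80\x00\x00\x00\x42\x00",
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:22s} {classify(pkt)}")
```

Note that the non-minimal long form (`0x81 0x05`) is accepted because BER, unlike DER, permits it; the decoder only refuses encodings that cannot be bounded by the bytes in hand.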