[ISN] Flaw opens door in Windows, Mac, Linux

From: InfoSec News (isnat_private)
Date: Thu Aug 08 2002 - 01:09:05 PDT


    By Matthew Broersma
    Special to CNET News.com
    August 7, 2002, 10:38 AM PT

    Security researchers have warned of a flaw in communications software
    that could allow attackers to take over computers running Windows, Mac
    OS X and Unix-based operating systems, as well as those with Kerberos
    authentication systems.

    The problem is widespread because it affects some implementations of
    XDR (external data representation) libraries, used by many
    applications as a way of sending data from one system process to
    another regardless of the system's architecture. The affected
    libraries are derived from Sun Microsystems' popular SunRPC remote
    procedure call technology.

    The Computer Emergency Response Team (CERT) Coordination Center, a
    security network based at Carnegie Mellon University, warned on
    Tuesday that systems using the affected code should immediately apply
    patches or disable the affected services.

    A function in Sun's XDR library contains an integer overflow that can
    lead to buffer overflows, according to CERT security researchers
    Jeffrey Havrilla and Cory Cohen. These buffer overflows can allow an
    attacker to crash a system, execute malicious code or steal sensitive
    information, Havrilla and Cohen said.
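    The integer-overflow-to-buffer-overflow path described above, as an
    added example that is not part of the article and is not Sun's RPC
    source: a constructed toy decoder for an XDR-style variable-length
    array (a 4-byte big-endian element count followed by the elements).
    The function names (decode_vuln, decode_fixed, copy_elements), the
    element size of 4 and the two sample messages are assumptions chosen
    for illustration. The vulnerable shape sizes its allocation with a
    32-bit product of the wire-supplied count and the element size, so a
    large count wraps the product to a few bytes while the element loop
    still tries to store that many elements; the hardened shape bounds the
    count and proves the product fits before multiplying.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed toy decoder for an XDR-style variable-length array: a 4-byte
 * big-endian element count followed by the elements.  This is NOT the Sun
 * RPC code; it only reproduces the bug class the article describes. */

typedef struct {
    uint32_t count;      /* element count taken from the wire */
    uint32_t nodesize;   /* bytes the decoder allocated */
    uint64_t needed;     /* bytes the element loop wants: count * elsize, unwrapped */
    int      overflowed; /* 1 if a write would have landed past the allocation */
    int      rejected;   /* 1 if the decoder refused the message up front */
} decode_result;

static uint32_t rd_u32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Shared element loop.  A real decoder copies each element straight into
 * target[i * elsize]; here the write is skipped and flagged the moment it
 * would leave the allocation, so the demo never corrupts memory itself. */
static void copy_elements(decode_result *r, unsigned char *target,
                          const unsigned char *p, size_t left, uint32_t elsize) {
    for (uint32_t i = 0; i < r->count && left >= elsize; i++) {
        uint64_t off = (uint64_t)i * elsize;
        if (off + elsize > r->nodesize) { r->overflowed = 1; return; }
        memcpy(target + off, p, elsize);
        p += elsize;
        left -= elsize;
    }
}

/* Vulnerable shape: trusts the wire count and multiplies in 32 bits. */
static decode_result decode_vuln(const unsigned char *wire, size_t wirelen,
                                 uint32_t elsize) {
    decode_result r = {0};
    if (wirelen < 4 || elsize == 0) { r.rejected = 1; return r; }
    r.count    = rd_u32(wire);
    r.needed   = (uint64_t)r.count * elsize;
    r.nodesize = r.count * elsize;            /* BUG: wraps modulo 2^32 */
    unsigned char *target = malloc(r.nodesize ? r.nodesize : 1);
    if (target == NULL) { r.rejected = 1; return r; }
    copy_elements(&r, target, wire + 4, wirelen - 4, elsize);
    free(target);
    return r;
}

/* Hardened shape: bound the count against a caller-supplied maximum and
 * prove count * elsize fits in 32 bits before doing the multiplication. */
static decode_result decode_fixed(const unsigned char *wire, size_t wirelen,
                                  uint32_t elsize, uint32_t maxcount) {
    decode_result r = {0};
    if (wirelen < 4 || elsize == 0) { r.rejected = 1; return r; }
    r.count  = rd_u32(wire);
    r.needed = (uint64_t)r.count * elsize;
    if (r.count > maxcount || r.count > UINT32_MAX / elsize) {
        r.rejected = 1;                       /* refuse before allocating */
        return r;
    }
    r.nodesize = r.count * elsize;            /* cannot wrap now */
    unsigned char *target = malloc(r.nodesize ? r.nodesize : 1);
    if (target == NULL) { r.rejected = 1; return r; }
    copy_elements(&r, target, wire + 4, wirelen - 4, elsize);
    free(target);
    return r;
}

/* Constructed sample messages, elsize = 4.  BENIGN_WIRE claims 2 elements.
 * HOSTILE_WIRE claims 0x40000001 elements: 0x40000001 * 4 = 0x100000004,
 * which a 32-bit multiply truncates to 4, i.e. room for exactly one element. */
static const unsigned char BENIGN_WIRE[]  = {0x00,0x00,0x00,0x02,
                                             0xde,0xad,0xbe,0xef, 0xca,0xfe,0xba,0xbe};
static const unsigned char HOSTILE_WIRE[] = {0x40,0x00,0x00,0x01,
                                             0xde,0xad,0xbe,0xef, 0xca,0xfe,0xba,0xbe};

static void report(const char *label, decode_result r) {
    printf("%-14s count=0x%08x alloc=%u wanted=%llu overflow=%d rejected=%d\n",
           label, (unsigned)r.count, (unsigned)r.nodesize,
           (unsigned long long)r.needed, r.overflowed, r.rejected);
}

int main(void) {
    report("vuln/benign",   decode_vuln(BENIGN_WIRE,  sizeof BENIGN_WIRE,  4));
    report("vuln/hostile",  decode_vuln(HOSTILE_WIRE, sizeof HOSTILE_WIRE, 4));
    report("fixed/benign",  decode_fixed(BENIGN_WIRE,  sizeof BENIGN_WIRE,  4, 1024));
    report("fixed/hostile", decode_fixed(HOSTILE_WIRE, sizeof HOSTILE_WIRE, 4, 1024));
    return 0;
}
```

    Note that the hostile message is only 12 bytes long: the attacker does
    not need to send 0x40000001 elements, because the allocation is sized
    by the wrapped product and the very second element already lands past
    the end of the buffer. The fix therefore has to reject the count
    before the multiplication, as decode_fixed does; checking the product
    after it has wrapped would accept the same message.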
    The problem also affects the administration system of Kerberos 5, a
    widely used network security tool, which could allow attackers to gain
    control of Kerberos Key Distribution Center authentication functions.
    This could allow an attacker to authenticate falsely to other
    services. Kerberos is included in Windows 2000.

    The MIT Kerberos development team issued a warning and patch on its
    Web site.

    Apple Computer confirmed that its Mac OS X operating system contains
    the vulnerability, which has been fixed by a recent security update,
    available through the software's automatic update mechanism.

    Several vendors of Unix and Unix-like operating systems, including Red
    Hat, Debian, FreeBSD, Sun and NetBSD, said that their software was
    affected by the issue, and issued fixes. HP said it was investigating
    the bug's impact.

    Microsoft said it is still investigating how Windows is affected by
    the problem.

    The relevant patches are available from the companies' Web sites, or
    through the CERT advisory on its Web site.

    ISN is currently hosted by Attrition.org

    This archive was generated by hypermail 2b30 : Thu Aug 08 2002 - 03:46:30 PDT