----------------------------------------------------------------------- Immunix OS Security Advisory Packages updated: xinetd Affected products: Immunix OS 7.0-beta and 7.0 Bugs fixed: immunix/1657 Date: Fri Jun 29 2001 Advisory ID: IMNX-2001-70-029-01 Obsoletes: IMNX-2001-70-024-01 Author: Seth Arnold <sarnoldat_private> ----------------------------------------------------------------------- Description: While researching the previous xinetd problem (announced by zen-parse and discussed in Immunix OS Advisory IMNX-2001-70-024-01), Sebastian Krahmer found some improper handling of strings when the length argument to its own internal string handling functions is less than or equal to zero. We think this could lead to arbitrary code execution by remote attackers. Because the string handling functions are called with arguments both on the stack and on the heap, StackGuard is only partially effective at stopping possible attacks. As a result, we advise all Immunix OS 7.0 users upgrade immediately. This advisory is released only for Immunix OS 7.0 because 6.2 used inetd. This advisory supercedes IMNX-2001-70-024-01. Thanks to Sebastian Krahmer for finding the problem and Rob Braun for fixing the problem upstream. References: http://www.securityfocus.com/archive/1/194213 http://www.securityfocus.com/advisories/3357 Package names and locations: Precompiled binary packages for Immunix 7.0-beta and 7.0 are available at: http://download.immunix.org/ImmunixOS/7.0/updates/RPMS/xinetd-2.3.0-1_imnx.i386.rpm Source package for Immunix 7.0-beta and 7.0 is available at: http://download.immunix.org/ImmunixOS/7.0/updates/SRPMS/xinetd-2.3.0-1_imnx.src.rpm Immunix OS 7.0 md5sums: 8d7e57365bb522c484e4e7435ca9eec5 RPMS/xinetd-2.3.0-1_imnx.i386.rpm 294cfb7c6bd84e6ed27e723872179c1e SRPMS/xinetd-2.3.0-1_imnx.src.rpm GPG verification: Our public key is available at <http://wirex.com/security/GPG_KEY>. *** NOTE *** This key is different from the one used in advisories IMNX-2001-70-020-01 and earlier. Online version of all Immunix 6.2 updates and advisories: http://immunix.org/ImmunixOS/6.2/updates/ Online version of all Immunix 7.0-beta updates and advisories: http://immunix.org/ImmunixOS/7.0-beta/updates/ Online version of all Immunix 7.0 updates and advisories: http://immunix.org/ImmunixOS/7.0/updates/ NOTE: Ibiblio is graciously mirroring our updates, so if the links above are slow, please try: ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/ or one of the many mirrors available at: http://www.ibiblio.org/pub/Linux/MIRRORS.html Contact information: To report vulnerabilities, please contact securityat_private WireX attempts to conform to the RFP vulnerability disclosure protocol <http://www.wiretrip.net/rfp/policy.html>.
This archive was generated by hypermail 2b30 : Mon Jul 02 2001 - 00:20:26 PDT