Security Update: [CSSA-2002-SCO.26] OpenServer 5.0.6a : squid compressed DNS answer message boundary failure

From: securityat_private
Date: Thu Jun 13 2002 - 16:59:03 PDT

Next message: Nick Lothian: "RE: [LBYTE] Ruslan Communications <BODY>Builder SQL modification"

Previous message: Tim the Enchanter: "Another small DoS on Mozilla <= 1.0 through pop3"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: bugtraqat_private announceat_private scoannmodat_private

______________________________________________________________________________

		Caldera International, Inc.  Security Advisory

Subject:		OpenServer 5.0.6a : squid compressed DNS answer message boundary failure
Advisory number: 	CSSA-2002-SCO.26
Issue date: 		2002 June 13
Cross reference:
______________________________________________________________________________


1. Problem Description

	From Squid advisory SQUID-2002:2 : Error and boundary
	conditions were not checked when handling compressed DNS
	answer messages in the internal DNS code (lib/rfc1035.c).
	A malicious DNS server could craft a DNS reply that would
	cause Squid to exit with a SIGSEGV.


2. Vulnerable Supported Versions

	System				Binaries
	----------------------------------------------------------------------
	OpenServer 5.0.6a		/opt/K/SCO/Squid/2.4.6/*


3. Solution

	The proper solution is to install the latest packages.


4. OpenServer 5.0.6a

	4.1 Location of Fixed Binaries

	ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.26


	4.2 Verification

	MD5 (VOL.000.000) = 87accd0ac60bf509b86e66bb74062168
	MD5 (VOL.000.001) = 4f709bb2f81fbb72e46f9f3608bca6e6
	MD5 (VOL.000.002) = eb7964ff9190da6749341170ce779b12
	MD5 (VOL.000.003) = 8be5cc4f62eb83d65541c491cbaaad3c

	md5 is available for download from
		ftp://ftp.caldera.com/pub/security/tools


	4.3 Installing Fixed Binaries

	Upgrade the affected binaries with the following commands:

	1) Download the VOL* files to the /tmp directory

	Run the custom command, specify an install from media images,
	and specify the /tmp directory as the location of the images.


5. References

	Specific references for this advisory:
		http://www.squid-cache.org/Advisories/SQUID-2002_2.txt

	Caldera security resources:
		http://www.caldera.com/support/security/index.html

	This security fix closes Caldera incidents sr862189, fz520428,
	erg712012.


6. Disclaimer

	Caldera International, Inc. is not responsible for the
	misuse of any of the information we provide on this website
	and/or through our security advisories. Our advisories are
	a service to our customers intended to promote secure
	installation and use of Caldera products.


7. Acknowledgements

	This vulnerability was discovered and researched by zen-parse
	<zen-parseat_private>.

______________________________________________________________________________

application/pgp-signature attachment: stored

Next message: Nick Lothian: "RE: [LBYTE] Ruslan Communications <BODY>Builder SQL modification"
Previous message: Tim the Enchanter: "Another small DoS on Mozilla <= 1.0 through pop3"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jun 14 2002 - 05:48:56 PDT