[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20021028165137.L7998@caldera.com>
From: security at caldera.com (security@...dera.com)
Subject: Security Update: [CSSA-2002-041.0] Linux: pam_ldap format string vulnerability
To: bugtraq@...urityfocus.com announce@...ts.caldera.com security-alerts@...uxsecurity.com full-disclosure@...ts.netsys.com
______________________________________________________________________________
SCO Security Advisory
Subject: Linux: pam_ldap format string vulnerability
Advisory number: CSSA-2002-041.0
Issue date: 2002 October 28
Cross reference:
______________________________________________________________________________
1. Problem Description
The pam_ldap module provides authentication for user access
to a system by consulting a directory using LDAP. Versions of
pam_ldap prior to version 144 include a format string bug in
the logging function.
2. Vulnerable Supported Versions
System Package
----------------------------------------------------------------------
OpenLinux 3.1.1 Server prior to pam_ldap-144-1.i386.rpm
OpenLinux 3.1.1 Workstation prior to pam_ldap-144-1.i386.rpm
OpenLinux 3.1 Server prior to pam_ldap-144-1.i386.rpm
OpenLinux 3.1 Workstation prior to pam_ldap-144-1.i386.rpm
3. Solution
The proper solution is to install the latest packages. Many
customers find it easier to use the Caldera System Updater, called
cupdate (or kcupdate under the KDE environment), to update these
packages rather than downloading and installing them by hand.
4. OpenLinux 3.1.1 Server
4.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-041.0/RPMS
4.2 Packages
8e772565f5fd9933c938cbc7a4a9f229 pam_ldap-144-1.i386.rpm
4.3 Installation
rpm -Fvh pam_ldap-144-1.i386.rpm
4.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-041.0/SRPMS
4.5 Source Packages
46faba5e7af087eccd984e8a68e6068a pam_ldap-144-1.src.rpm
5. OpenLinux 3.1.1 Workstation
5.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-041.0/RPMS
5.2 Packages
732acb91b620f591e5036dc5117362c6 pam_ldap-144-1.i386.rpm
5.3 Installation
rpm -Fvh pam_ldap-144-1.i386.rpm
5.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-041.0/SRPMS
5.5 Source Packages
ac6da0b1c041f42bc5afdfbb13d50750 pam_ldap-144-1.src.rpm
6. OpenLinux 3.1 Server
6.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-041.0/RPMS
6.2 Packages
37d60b62162ddf3f044d0c5533d83e05 pam_ldap-144-1.i386.rpm
6.3 Installation
rpm -Fvh pam_ldap-144-1.i386.rpm
6.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-041.0/SRPMS
6.5 Source Packages
2a2b18ef2cf09c944dee12cb2169ca20 pam_ldap-144-1.src.rpm
7. OpenLinux 3.1 Workstation
7.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-041.0/RPMS
7.2 Packages
ea457e8e6c356e688ec547d59652b812 pam_ldap-144-1.i386.rpm
7.3 Installation
rpm -Fvh pam_ldap-144-1.i386.rpm
7.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-041.0/SRPMS
7.5 Source Packages
a39531e06057bbaaed603cb4150ca6a3 pam_ldap-144-1.src.rpm
8. References
Specific references for this advisory:
http://www.padl.com/OSS/pam_ldap.html
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0374
SCO security resources:
http://www.sco.com/support/security/index.html
This security fix closes SCO incidents sr865994, fz521320,
erg501620.
9. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.
10. Acknowledgements
The pam_ldap team at padl.com discovered and researched this
vulnerability.
______________________________________________________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 237 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20021028/889cb6bd/attachment.bin
Powered by blists - more mailing lists