CERT: Security flaw in Sun library affects Kerberos
A security hole in the XDR (External Data Representation) Library provided to a number of vendors by Sun Microsystems Inc. could allow an attacker to execute arbitrary code on an affected system or cause a denial of service, according to an advisory released Tuesday by the CERT Coordination Center (CERT/CC).
The flaw also affects the widely used Kerberos authentication software that allows users to securely log on to remote systems.
The vulnerability exists in XDR libraries derived from SunRPC (remote procedure call) used in products from Sun, as well as from Apple Computer Inc., IBM Corp. and a number of Linux and Unix distributions, CERT/CC said. These products include those that use the Sun network service library (libnsl), the BSD-derived XDR/RPC routines (libc) and the GNU C library with sunrpc (glibc), CERT/CC said.
The XDR Library is a method of sending processes from one system to another, usually over a network connection, without regard to platform, CERT/CC said.
The security hole comes in the xdr_array component of the XDR Library, where an integer overflow problem could lead to a buffer overflow, according to CERT/CC. Were an attacker to exploit these vulnerabilities, he or she would be able to run code of their choice on the target system, CERT/CC said.
Due to the number of systems that the XDR Library is included in, attacks can cause other problems, including denials of service and information disclosure, CERT/CC said. Also potentially troublesome is the effect of the flaw on Kerberos, which could allow an attacker to gain access to a trusted Kerberos realm, CERT/CC said.
Affected software includes Apple's Mac OS X and Mac OS X Server, Debian Linux 3, IBM's AIX 4.3.3 and 5.1.0, the Kerberos software developed by the Massachusetts Institute of Technology and Sun's Solaris 2.5.1 through 9.
Users should contact their vendors to inquire about patch status. A more complete list of affected vendors and products, as well as their patch status, can be found at http://www.cert.org/advisories/CA-2002-25.html.
» posted by abennett
IDG News Service
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
Crimeware: Understanding New Attacks and Defenses
By Markus Jakobsson, Zulfikar Ramzan
Published Apr 6, 2008 by Addison-Wesley Professional. Part of the Symantec Press series.
Enter now! | Official rules | Sample chapter
Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures
By Peter Thermos, Ari Takanen
Published Aug 1, 2007 by Addison-Wesley Professional.
Enter now! | Official rules | Sample chapter
