Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2002-167: glibc


Vulnerability Assessment Details

RHSA-2002-167: glibc

Vulnerability Assessment Summary
Check for the version of the glibc packages

Detailed Explanation for this Vulnerability Assessment


Updated glibc packages are available which fix a buffer overflow in the XDR
decoder and two vulnerabilities in the resolver functions.

[updated 8 aug 2002]
Updated packages have been made available, as the original errata
introduced
a bug which could cause calloc() to crash on 32-bit platforms when passed a
size of 0. These updated errata packages contain a patch to correct this
bug.

The glibc package contains standard libraries which are used by
multiple programs on the system. Sun RPC is a remote procedure call
framework which permits clients to invoke procedures in a server process
over a network. XDR is a mechanism for encoding data structures for use
with RPC. NFS, NIS, and other network services that are built upon Sun
RPC. The glibc package contains an XDR encoder/decoder derived from Sun's
RPC implementation which was recently demonstrated to be vulnerable to a
heap overflow.

An error in the calculation of memory needed for unpacking arrays in the
XDR decoder can result in a heap buffer overflow in glibc 2.2.5 and
earlier. Depending upon the application, this vulnerability may be
exploitable and could lead to arbitrary code execution. (CVE-2002-0391)

A buffer overflow vulnerability has been found in the way the glibc
resolver handles the resolution of network names and addresses via DNS (as
per Internet RFC 1011). Version 2.2.5 of glibc and earlier versions are
affected. A system would be vulnerable to this issue if the
"networks" database in the /etc/nsswitch.conf file includes the "dns"
entry. By default, Red Hat Linux Advanced Server ships with "networks"
set to "files" and is therefore not vulnerable to this issue.
(CVE-2002-0684)

A related issue is a bug in the glibc-compat packages, which
provide compatibility for applications compiled against glibc version
2.0.x. Applications compiled against this version (such as those
distributed with early Red Hat Linux releases 5.0, 5.1, and 5.2) could also
be vulnerable to this issue. (CVE-2002-0651)

All users should upgrade to these errata packages which contain patches to
the glibc libraries and therefore are not vulnerable to these issues.

Thanks to Solar Designer for providing patches for this issue.




Solution : http://rhn.redhat.com/errata/RHSA-2002-167.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

HP PROLIANT MICROSERVER G8 E3-1220LV2 2.3GHZ 4GB
$599.0
HP PROLIANT MICROSERVER G8 E3-1220LV2 2.3GHZ 4GB pictureHP ProLiant 712318-001 Ultra Micro Tower Server - 1 x Intel Pentium G2020T 2.50
$630.0
HP ProLiant 712318-001 Ultra Micro Tower Server - 1 x Intel Pentium G2020T 2.50  pictureSuper Micro MBD-PDSGE-O Pentium D 3.0GHz 955X Chipset LGA775 Server Motherboard
$299.99
Super Micro MBD-PDSGE-O Pentium D 3.0GHz 955X Chipset LGA775 Server Motherboard pictureHP PROLIANT MICROSERVER G8 E3-1220LV2 2.3GHZ 16GB 4 X 1TB MIDLINE
$1349.0
HP PROLIANT MICROSERVER G8 E3-1220LV2 2.3GHZ 16GB 4 X 1TB MIDLINE picture


Discussions

No Discussions have been posted on this vulnerability.