RHEL 2.1 : glibc (RHSA-2002:167)

critical Nessus Plugin ID 12318

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Updated glibc packages are available which fix a buffer overflow in the XDR decoder and two vulnerabilities in the resolver functions.

[Updated 8 Aug 2002] Updated packages have been made available, as the original errata introduced a bug which could cause calloc() to crash on 32-bit platforms when passed a size of 0. These updated errata packages contain a patch to correct this bug.

The glibc package contains standard libraries which are used by multiple programs on the system. Sun RPC is a remote procedure call framework which allows clients to invoke procedures in a server process over a network. XDR is a mechanism for encoding data structures for use with RPC. NFS, NIS, and other network services are built upon Sun RPC. The glibc package contains an XDR encoder/decoder derived from Sun's RPC implementation, which was recently demonstrated to be vulnerable to a heap overflow.

An error in the calculation of memory needed for unpacking arrays in the XDR decoder can result in a heap buffer overflow in glibc 2.2.5 and earlier. Depending upon the application, this vulnerability may be exploitable and could lead to arbitrary code execution. (CVE-2002-0391)

A buffer overflow vulnerability has been found in the way the glibc resolver handles the resolution of network names and addresses via DNS (as per Internet RFC 1011). Version 2.2.5 of glibc and earlier versions are affected. A system would be vulnerable to this issue if the 'networks' database in the /etc/nsswitch.conf file includes the 'dns' entry. By default, Red Hat Linux Advanced Server ships with 'networks' set to 'files' and is therefore not vulnerable to this issue. (CVE-2002-0684)

A related issue is a bug in the glibc-compat packages, which provide compatibility for applications compiled against glibc version 2.0.x. Applications compiled against this version (such as those distributed with early Red Hat Linux releases 5.0, 5.1, and 5.2) could also be vulnerable to this issue. (CVE-2002-0651)
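
The exposure condition given above for CVE-2002-0684 (the 'networks' database in /etc/nsswitch.conf listing 'dns') can be checked on a host before and after patching. The script below is an added example, not part of the advisory or the Nessus plugin; the function names, result strings and sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: does the 'networks' database in an nsswitch.conf list 'dns'?

# networks_sources FILE: print the sources configured for 'networks', one per
# line, ignoring comments and [STATUS=action] items such as [NOTFOUND=return].
networks_sources() {
    awk '
        { sub(/#.*/, "") }                      # drop comments
        /^[ \t]*networks[ \t]*:/ {
            sub(/^[^:]*:/, "")                  # keep only the source list
            gsub(/\[[^]]*\]/, " ")              # drop action items
            n = split($0, src, /[ \t]+/)
            for (i = 1; i <= n; i++)
                if (src[i] != "") print src[i]
        }
    ' "$1"
}

# classify_networks FILE: print one of
#   dns-listed  'dns' is a configured source (the condition in the advisory)
#   dns-absent  a 'networks' entry exists and does not list 'dns'
#   no-entry    no 'networks' line; the compiled-in default applies, review manually
#   unreadable  the file could not be read
classify_networks() {
    [ -r "$1" ] || { echo "unreadable"; return 2; }
    srcs=$(networks_sources "$1")
    if [ -z "$srcs" ]; then
        echo "no-entry"
    elif printf '%s\n' "$srcs" | grep -qx 'dns'; then
        echo "dns-listed"
    else
        echo "dns-absent"
    fi
}

# Constructed sample input (not taken from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
hosts:      files dns
networks:   files [NOTFOUND=return] dns   # dns after an action item still counts
EOF
echo "sample file: $(classify_networks "$sample")"
rm -f "$sample"

# The local configuration, if present.
if [ -r /etc/nsswitch.conf ]; then
    echo "/etc/nsswitch.conf: $(classify_networks /etc/nsswitch.conf)"
fi
```

A `dns-absent` result only covers the resolver issue; the XDR decoder overflow (CVE-2002-0391) is independent of nsswitch.conf and still requires the updated packages.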

All users should upgrade to these errata packages which contain patches to the glibc libraries and therefore are not vulnerable to these issues.

Thanks to Solar Designer for providing patches for this issue.

Solution

Update the affected packages.

See Also

https://access.redhat.com/security/cve/cve-2002-0391

https://access.redhat.com/security/cve/cve-2002-0651

https://access.redhat.com/security/cve/cve-2002-0684

https://online.securityfocus.com/archive/1/285308

http://www.sourceware.org/ml/libc-hacker/2002-08/msg00093.html

https://access.redhat.com/errata/RHSA-2002:167

Plugin Details

Severity: Critical

ID: 12318

File Name: redhat-RHSA-2002-167.nasl

Version: 1.27

Type: local

Agent: unix

Published: 7/6/2004

Updated: 1/14/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:glibc-profile, p-cpe:/a:redhat:enterprise_linux:glibc-common, p-cpe:/a:redhat:enterprise_linux:glibc-devel, p-cpe:/a:redhat:enterprise_linux:glibc, p-cpe:/a:redhat:enterprise_linux:nscd, cpe:/o:redhat:enterprise_linux:2.1

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/13/2002

Vulnerability Publication Date: 7/3/2002

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2002-0391, CVE-2002-0651, CVE-2002-0684

CERT-CC: CA-2002-19

RHSA: 2002:167