5112893 2000-05-19 22:30 /194 lines/ Postmaster
Recipient: Bugtraq (import) <10905>
Subject: Fw: [suse-security-announce] SuSE Security Announcement - kernel
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: BUGTRAQ@SECURITYFOCUS.COM
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
Message-ID: <001401bfc100$8350bad0$9a0a16c3@h0tpizza>
Date: Thu, 18 May 2000 20:37:32 +0100
Reply-To: bacano <bacano@ESOTERICA.PT>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: bacano <bacano@ESOTERICA.PT>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM

----- Original Message -----
From: "Marc Heuse" <marc@suse.de>
Sent: Wednesday, May 17, 2000 7:50 PM
Subject: [suse-security-announce] SuSE Security Announcement - kernel

> -----BEGIN PGP SIGNED MESSAGE-----
>
> ____________________________________________________________________________
>
>                         SuSE Security Announcement
>
>         Package:                kernel < 2.2.15
>         Date:                   Wed, 17 May 2000 18:24:50 GMT
>
>         Affected SuSE versions: 6.1 - 6.4
>         Vulnerability Type:     bypass ipchains filter rules
>                                 denial of service
>         SuSE default package:   yes
>         Other affected systems: all linux versions using kernel 2.2.x and
>                                 several stateful firewall packages
> ____________________________________________________________________________
>
> A security hole was discovered in the package mentioned above.
> Please update as soon as possible or disable the service if you are using
> this software on your SuSE Linux installation(s).
>
> Other Linux distributions or operating systems might be affected as
> well, please contact your vendor for information about this issue.
>
> Please note that we provide this information on an "as-is" basis only.
> There is no warranty whatsoever and no liability for any direct, indirect or
> incidental damage arising from this information or the installation of
> the update package.
> ____________________________________________________________________________
>
> 1. Problem Description
>
>    The masquerading feature in the Linux kernel has got a vulnerability in
>    the udp and ftp masquerading code which allows arbitrary backward
>    connections to be opened.
>    Some denial of service problems were found.
>
> 2. Impact
>
>    Remote users may bypass ipchains filter rules protecting the internal
>    network.
>    Users can crash the machine.
>
> 3. Solution
>
>    Update the package from our FTP server.
>    Please note that we provide a patched 2.2.14 kernel to ensure stability
>    and not the 2.2.15 kernel.
> ____________________________________________________________________________
>
> Please verify these md5 checksums of the updates before installing:
> (NOTE: the 6.4 updates fit 6.1 to 6.3 as well)
>
> 765e268875a7716f681c14389a1c9b9b  ftp://ftp.suse.com/pub/suse/i386/update/6.4/kernel/k_deflt.rpm
> be6ee213f0cafd4dac5c51a2a8d100f0  ftp://ftp.suse.com/pub/suse/i386/update/6.4/kernel/k_eide.rpm
> b900eb9f47c94df5cc15721e5f96a58e  ftp://ftp.suse.com/pub/suse/i386/update/6.4/kernel/k_i386.rpm
> 37deca6ee856c3242a13c2a24f32fc7f  ftp://ftp.suse.com/pub/suse/i386/update/6.4/d1/lx_suse-2.2.14.SuSE-24.i386.rpm
> ____________________________________________________________________________
>
> You can find updates on our ftp-Server:
>
>   ftp://ftp.suse.com/pub/suse/i386/update  for Intel processors
>   ftp://ftp.suse.com/pub/suse/axp/update   for Alpha processors
>
> or try the following web pages for a list of mirrors:
>   http://www.suse.de/ftp.html
>   http://www.suse.com/ftp_new.html
>
> Our webpage for patches:
>   http://www.suse.de/patches/index.html
>
> Our webpage for security announcements:
>   http://www.suse.de/security
>
> If you want to report vulnerabilities, please contact
>   security@suse.de
> ____________________________________________________________________________
>
> SuSE has got two free security mailing list services to which any
> interested party may subscribe:
>
> suse-security@suse.com          - moderated and for general/linux/SuSE
>                                   security discussions. All SuSE security
>                                   announcements are sent to this list.
>
> suse-security-announce@suse.com - SuSE's announce-only mailing list.
>                                   Only SuSE's security announcements are sent
>                                   to this list.
>
> To subscribe to the list, send a message to:
>   <suse-security-subscribe@suse.com>
>
> To remove your address from the list, send a message to:
>   <suse-security-unsubscribe@suse.com>
>
> Send mail to the following for info and FAQ for this list:
>   <suse-security-info@suse.com>
>   <suse-security-faq@suse.com>
>
> ____________________________________________________________________________
>
> This information is provided freely to everyone interested and may
> be redistributed provided that it is not altered in any way.
>
> Type Bits/KeyID    Date       User ID
> pub  2048/3D25D3D9 1999/03/06 SuSE Security Team <security@suse.de>

(5112893) ------------------------------------------