Published:
06 December 1999
Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-1999.185 -- RHSA-1999:058 ORBit, esound, gnome-core 07 December 1999 =========================================================================== Red Hat Inc. has released the following advisory concerning denial of service vulnerabilities in the ORBit and gnome-session programs and security vulnerabilities in the ORBit and esound programs. These vulnerabilities affect Red Hat Linux 6.1. These vulnerabilities may allow local users to gain privileged access to the system or for remote users to crash the ORBit and gnome-session programs which may constitute a denial of service. - --------------------------BEGIN INCLUDED TEXT-------------------- - --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: new ORBit, esound, and gnome-core packages Advisory ID: RHSA-1999:058-01 Issue date: 1999-12-03 - --------------------------------------------------------------------- 1. Topic: ORBit and gnome-session each contained a denial-of-service hole. ORBit and esound each contained a security hole. 2. Relevant releases/architectures: Red Hat Linux 6.1 3. Problem description: ORBit and esound used a source of random data that was easily guessable, possibly allowing an attacker with local access to guess the authentication keys used to control access to these services. ORBit and gnome-session contained a bug that allowed attackers to remotely crash a program under unusual circumstances. In addition to fixing these problems, TCP Wrappers support has been added to gnome-session. ORBit already makes use of TCP Wrappers. It is recommended that this functionality be used when additional access controls are desired on network access to these services. 4. Solution: For each RPM for your particular architecture, run: rpm -Uvh <filename> where filename is the name of the RPM. 5. RPMs required: Intel: ftp://updates.redhat.com/6.1/i386/ORBit-0.5.0-2.i386.rpm ftp://updates.redhat.com/6.1/i386/ORBit-devel-0.5.0-2.i386.rpm ftp://updates.redhat.com/6.1/i386/esound-0.2.17-1.i386.rpm ftp://updates.redhat.com/6.1/i386/esound-devel-0.2.17-1.i386.rpm ftp://updates.redhat.com/6.1/i386/gnome-core-1.0.54-2.i386.rpm ftp://updates.redhat.com/6.1/i386/gnome-core-devel-1.0.54-2.i386.rpm Sparc: ftp://updates.redhat.com/6.1/sparc/ORBit-0.5.0-2.sparc.rpm ftp://updates.redhat.com/6.1/sparc/ORBit-devel-0.5.0-2.sparc.rpm ftp://updates.redhat.com/6.1/sparc/esound-0.2.17-1.sparc.rpm ftp://updates.redhat.com/6.1/sparc/esound-devel-0.2.17-1.sparc.rpm ftp://updates.redhat.com/6.1/sparc/gnome-core-1.0.54-2.sparc.rpm ftp://updates.redhat.com/6.1/sparc/gnome-core-devel-1.0.54-2.sparc.rpm Source packages: ftp://updates.redhat.com/6.1/SRPMS/ORBit-0.5.0-2.src.rpm ftp://updates.redhat.com/6.1/SRPMS/esound-0.2.17-1.src.rpm ftp://updates.redhat.com/6.1/SRPMS/gnome-core-1.0.54-2.src.rpm 9. Verification: MD5 sum Package Name - -------------------------------------------------------------------------- 35cb261853a01711fb47ee6d48149bd4 i386/ORBit-0.5.0-2.i386.rpm 808e9dca462f8ef765b454b25e017614 i386/ORBit-devel-0.5.0-2.i386.rpm 261e7063065c50f5eb4235cb373c85f1 i386/esound-0.2.17-1.i386.rpm fa44e546df9b307cec6557cac0112eff i386/esound-devel-0.2.17-1.i386.rpm d8c3814f4b8c19c38af526271dd1c294 i386/gnome-core-1.0.54-2.i386.rpm a689359b3ff0bbe3ebc908a4ab5aaaad i386/gnome-core-devel-1.0.54-2.i386.rpm 4ce667c72a33146c5280cc7fecba0f4d sparc/ORBit-0.5.0-2.sparc.rpm 473056e09906fe49914c1d79dd30dc98 sparc/ORBit-devel-0.5.0-2.sparc.rpm 8ed14577fb93f8c684a98962c564b772 sparc/esound-0.2.17-1.sparc.rpm 0f8965c2d13bc000a87ed26ab5459ffb sparc/esound-devel-0.2.17-1.sparc.rpm 11a28ec13e110cbaabb403333efe27c1 sparc/gnome-core-1.0.54-2.sparc.rpm 7b86b6bb257376242e88096f1aafc722 sparc/gnome-core-devel-1.0.54-2.sparc.rpm 9fa749891ed4e9505b07cac512e80808 SRPMS/ORBit-0.5.0-2.src.rpm 4d34ef79104c3b754f368900a1f09370 SRPMS/esound-0.2.17-1.src.rpm 48f5b99bc92048e99e159a026b314871 SRPMS/gnome-core-1.0.54-2.src.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/corp/contact.html You can verify each package with the following command: rpm --checksig <filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> - --------------------------END INCLUDED TEXT-------------------- This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to use any or all of this information is the responsibility of each user or organisation, and should be done so in accordance with site policies and procedures. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the original authors to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/Information/advisories.html If you believe that your system has been compromised, contact AusCERT or your representative in FIRST (Forum of Incident Response and Security Teams). Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for emergencies. -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key iQCVAwUBOFpaGih9+71yA2DNAQGp0QQAl+KO2YA1UVVzbLq2b3vVTLx02IPpYt0q 6tUXjooXFm+0rIAFjHMn/y6raSrE7vBTVKbd006kp4CryaRQS0MwQ2/aXS8wU+gh rx2wHIBcJ+ampIk6uBgBsD00crbsSu0TF5yKC/Q2TDJky75+yGmIMSfbfZjLfwws L5O7CigdEOg= =T62s -----END PGP SIGNATURE-----