Operating System:

[UNIX/Linux]

Published:

03 May 2001

Protect yourself against future threats.

//Service

Early Warning SMS

Receive SMS notifications for the most critical security threats and vulnerabilities.

Read more
Resources > Security Bulletins > ESB-2001.187 

-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
             AUSCERT External Security Bulletin Redistribution

            ESB-2001.187 -- COMPAQ Security Advisory SSRT1-85U
                        Tru64 UNIX - xntpd overflow
                                4 May 2001

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                xntpd
Vendor:                 Compaq
Operating System:       Compaq Tru64 UNIX 4.0d
                        Compaq Tru64 UNIX 4.0f
                        Compaq Tru64 UNIX 4.0g
                        Compaq Tru64 UNIX 5.0
                        Compaq Tru64 UNIX 5.0a
                        Compaq Tru64 UNIX 5.1
                        Unix
Impact:                 Increased Privileges
Access Required:        Remote

Ref:                    ESB-2001.139
                        ESB-2001.140
                        ESB-2001.141
                        ESB-2001.149

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

               **       NO RESTRICTIONS      **
               **      FOR DISTRIBUTION     **

 ====================================================
 TITLE:        SSRT1-85U - xntpd potential buffer overflow
 SOURCE:   Compaq Computer Corporation,
                     Software Security Response Team
 ====================================================
 Date:  02-MAY-2001

 SEVERITY:  HIGH

 PROBLEM STATEMENT SUMMARY:

  Compaq continues to take a serious approach to the quality
  and security of all its software products and makes every
  effort to address issues and provide solutions in a timely
  manner. In line with this commitment, Compaq is responding
  to recent concerns of a potential buffer overflow with xntpd.

  The Network Time Protocol daemon for Compaq Tru64 UNIX
  contains a potential buffer overflow (even though it would be 
  difficult to exploit) that may allow unauthorized access to bin 
  privileges.

 IMPACT:

  Compaq's Tru64 UNIX  V4.0d, V4.0f, V4.0g, V5.0, V5.0a, V5.1

 SOLUTION:

  Compaq Tru64 UNIX engineering has provided a fix for this 
  potential problem.

  NOTE: The solutions will be included in future releases of 
  Tru64 UNIX aggregate patch kits. Until that has happened 
  the kits identified should be reinstalled accordingly after an 
  upgrade to any affected version listed.

   The patches identified are available from the Compaq FTP site
   http://ftp1.support.compaq.com/public/dunix/ then choose the
   version directory needed and search for the patch by name. 
   Please review the applicable readme and install files prior 
   to installation.

   Patches:
  V4.0D:   DUV40D16-C0058302-10580-20010430.tar
  V4.0F:    DUV40F16-C0042002-10579-20010430.tar
  V4.0G:   T64V40G16-C0003502-10577-20010430.tar
  V5.0:      T64V5016-C0006102-10575-20010430.tar
  V5.0A:   T64V50A16-C0010402-10574-20010430.tar
  V5.1:      T64V513-C0027202-10573-20010430.tar

   NOTE: A patch for Compaq Tru64 UNIX V4.0e is not available
   as it is no longer supported by Compaq. If you require a patch 
   for V4.0e please contact your normal Compaq Services channel.

  Compaq appreciates your cooperation and patience. We regret any
  inconvenience applying this information may cause.

  As always, Compaq urges you to periodically review your system
  management and security procedures.  Compaq will continue to
  review and enhance the security features of its products and work
  with customers to maintain and improve the security and integrity
  of their systems.

 (c) Copyright 2001 Compaq Computer Corporation.  All rights reserved

   To subscribe to automatically receive future NEW Security
   Advisories from the Compaq's Software Security Response Team
   via electronic mail,

   Use your browser select the URL
   http://www.support.compaq.com/patches/mailing-list.shtml
   Select "Security and Individual Notices" for immediate dispatch
   notifications directly to your mailbox.

   To report new Security Vulnerabilities, send mail to:

      security-ssrt@compaq.com
 =============================================
  COMPAQ AND/OR ITS RESPECTIVE SUPPLIERS MAKE
  NO REPRESENTATIONS ABOUT THE SUITABILITY OF
  THE INFORMATION CONTAINED IN THE DOCUMENTS
  AND RELATED GRAPHICS AND/OR SOFTWARE PUBLISHED
  ON THIS SERVER FOR ANY PURPOSE. ALL SUCH
  DOCUMENTS AND RELATED GRAPHICS ARE PROVIDED
  "AS IS" WITHOUT WARRANTY OF ANY KIND AND ARE
  SUBJECT TO CHANGE WITHOUT NOTICE. THE ENTIRE RISK
  ARISING OUT OF THEIR USE REMAINS WITH THE RECIPIENT.
  IN NO EVENT SHALL COMPAQ AND/OR ITS RESPECTIVE
  SUPPLIERS BE LIABLE FOR ANY DIRECT, CONSEQUENTIAL,
  INCIDENTAL, SPECIAL, PUNITIVE OR OTHER DAMAGES
  WHATSOEVER (INCLUDING WITHOUT LIMITATION,
  DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS
  INTERRUPTION, OR LOSS OF BUSINESS INFORMATION),
  EVEN IF COMPAQ HAS BEEN ADVISED OF THE POSSIBILITY
  OF SUCH DAMAGES.

- -----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOvDA+KgxZJFjvD74EQIcQgCfTZEG+9t09c6DPEZB/Ez/VehVI5sAnAhQ
X4McRxZlZeJ27lWFf6ndo+PV
=FExB
- -----END PGP SIGNATURE-----


- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.  The decision to use any or all of this information is
the responsibility of each user or organisation, and should be done so in
accordance with site policies and procedures.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the original authors to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

	http://www.auscert.org.au/Information/advisories.html

If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).

Internet Email: auscert@auscert.org.au
Facsimile:	(07) 3365 7031
Telephone:	(07) 3365 4417 (International: +61 7 3365 4417)
		AusCERT personnel answer during Queensland business hours
		which are GMT+10:00 (AEST).
		On call after hours for emergencies.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key

iQCVAwUBOvK27Sh9+71yA2DNAQHJpwP8CYPfqQy7MlTrw3TTexZLRx8tedXk31EO
Lqw0EPokjKBsn170oQQvmfvGs/GrrXCdF4QXgO0vOB5MPdc1VDN33XDS4B43Haoa
RK/Q2kjoFqAldXBsDqKF66XPU6GIM5iSPCPolQ3bvEuBY7kQZi4P2SXMq4dFUuYw
I5PlvLzXs9c=
=d97A
-----END PGP SIGNATURE-----