Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[NILESA-20050701] UnixWare 7.x RPC portmapper Dos Vulnerability

from [Jonglim Yun] Network Security [Permanent Link]
Subject: [NILESA-20050701] UnixWare 7.x RPC portmapper Dos Vulnerability
Date: Wed, 27 Jul 2005 09:28:47 +0900 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================================================
                        NileSOFT Security Advisory
- 
--------------------------------------------------------------------------------
ID      : NILESA-20050701
Title   : rpcbind Invalid portmap Request Causes Denial of Service
Vendor  : SCO
URL     : www.sco.com
Product : UnixWare 7.x (and maybe other versions)
Severity: Moderate
Local   : Possible
Remote  : Possible
Date    : 2005.07.25
CVE ID  : CAN-2005-2132
Author  : Yun Jonglim / NileSOFT (www.nilesoft.co.kr)
================================================================================

1. Summary

When the UnixWare 7.x version of the RPC portmapper(rpcbind) receives an invalid
portmap request from a remote (or local) host, it falls into a denial of service
state and cannot respond.

2. Vulnerability Description

When the UnixWare 7.x version of the RPC portmapper(rpcbind) receives a number 
of
invalid portmap requests, it falls into a denial of service state and does not
respond to normal RPC portmap requests.
rpcbind maps each RPC service to the corresponding port for remote(or local) RPC
service requests. Therefore, when rpcbind falls into a denial of service state,
the port mapping does not operate normally and will cause most RPC services to 
be
unusable.

3. Impact

The RPC services will not operate normally.

4. Remedy

SCO will be releasing the advisory and fix: SCOSA-2005.31.
http://www.sco.com/support/security/index.html
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.31

5. Disclosure Dates

2005/05/15 First discovered and analyzed
2005/06/01 Vender notified and initial response
2005/07/19 Vender Confirmed and patch prepared
2005/07/25 Advisory released

6. CVE Information

The Common Vulnerabilities and Exposures (CVE) project has assigned the
names CAN-2005-2132 to these issues. This is a candidate for inclusion
in the CVE list (http://cve.mitre.org), which standardizes names for
security problems.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32) - GPGshell v3.30

iQEVAwUBQubU3oFNV2ryoBXjAQIPBAf/apd71pVJN6tf3MRefWZgbBCrKIhMfEAr
fjn+9t8dcjg0v4PT5U2KBu6VeKS6h/Q1tuz9cfHxs4fSDrldgcSCjYqsnU6PrVDq
6VjwJgSzJ5KCam/5Lt4ORQWVW0kKrO6eQyEWC/wEBHfYimY7XaZrFmYVAL/k+wcG
AsPYvkBv2zaPdHLYPQJJkkGnxHiE04MWUgQbVP5iv1WfO1W9QpIiM1AHeeaP4Fy5
+mM58OgpGKCKZZs15869xHOOM4j1BN4non1AqpRrqq8GYWeXIkdkHRzeDayyxn0L
tb+1PVcX4m4gNvfMJHrx04RiAq02dTyJSZzHv2mIC66mKY4h4L/MUQ==
=wRT6
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [NILESA-20050701] UnixWare 7.x RPC portmapper Dos Vulnerability, Jonglim Yun <=
Previous by Date:  [Full-disclosure] [ GLSA 200507-26 ] GNU Gadu, CenterICQ, Kadu, EKG, libgadu: Remote code execution in Gadu library, Sune Kloppenborg Jeppesen
Next by Date:  FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec, FreeBSD Security Advisories
Previous by Thread:  [Full-disclosure] [ GLSA 200507-26 ] GNU Gadu, CenterICQ, Kadu, EKG, libgadu: Remote code execution in Gadu library, Sune Kloppenborg Jeppesen
Next by Thread:  FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec, FreeBSD Security Advisories
Indexes:  [Date] [Thread] [Top] [All Lists]