hubertf's NetBSD Blog
Send interesting links to hubert at feyrer dot de!
[20111216] Two new NetBSD Security Advisories: OpenPAM and BIND resolver
The NetBSD Security Officers have released two new security advisories about problems found in 3rd party software that comes bundled with NetBSD's base system, OpenPAM and the BIND resolver.
  • NetBSD Security Advisory 2011-008: OpenPAM privilege escalation

    Affects pkgsrc, all release branches and -current before 2011-11-09, it's fixed in all branches (current, netbsd-4 and -5) after that date.

    Details from the advisory: ``The pam_start() function of OpenPAM doesn't check the "service" argument. With a relative path it can be tricked into reading a config file from an arbitrary location. NetBSD base utilities pass fixed constant strings. 3rd party programs which run with elevated privileges and allow user chosen strings open an attack vector.''

  • NetBSD Security Advisory 2011-009: BIND resolver DoS:

    Affects pkgsrc, all release branches and -current from before 2011-11-20, it's fixed in the CVS branches after 2011-11-20.

    Details from the advisory: ``Unpatched BIND 9 resolvers may cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. ISC provided a patch which makes named recover gracefully from the inconsistency, preventing the abnormal exit.

    The patch has two components. When a client query is handled, the code which processes the response to the client has to ask the cache for the records for the name that is being queried. The first component of the patch prevents the cache from returning the inconsistent data. The second component prevents named from crashing if it detects that it has been given an inconsistent answer of this nature.''

Happy updating!

[Tags: , , , ]

Disclaimer: All opinion expressed here is purely my own. No responsibility is taken for anything.

Access count: 35069071
Copyright (c) Hubert Feyrer