OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Microsoft (0_37894_0F0B756C-5457-6C40-B1BF-B4CDDD1694B1_US_at_Newsletters.Microsoft.com)
Date: Thu Oct 03 2002 - 00:34:45 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    -----BEGIN PGP SIGNED MESSAGE-----

    - ----------------------------------------------------------------------
    Title: Flaw in Services for Unix 3.0 Interix SDK Could Allow
                Code Execution (Q329209)
    Released: 02 October 2002
    Software: Services for Unix 3.0 Interix SDK
    Impact: Buffer overrun and denial of service
    Max Risk: Moderate
    Bulletin: MS02-057

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/security/bulletin/MS02-057.asp.
    - ----------------------------------------------------------------------
    Issue:
    ======
    All three vulnerabilities discussed in this bulletin involve the
    inclusion of the Sun [TM] Microsystems RPC library in Microsoft's
    Services for UNIX (SFU) 3.0 on the Interix SDK. Developers who
    created applications or utilities using the Sun RPC library from
    the Interix SDK need to evaluate three vulnerabilities.

    Windows Services for UNIX (SFU) 3.0 provides a full range of cross-
    platform services to integrate Windows into existing UNIX environ-
    ments. In version 3.0, the Interix subsystem technology is built in
    so that Windows Services for UNIX 3.0 can provide platform inter-
    operability and application migration in one fully integrated and
    supported product from Microsoft. Developers who have integrated
    Windows into their existing UNIX environments may have used the
    Interix SDK to develop custom applications and utilities so that
    applications that only ran on the UNIX platform can now run in a
    Windows environment. Developers who used the Interix SDK to develop
    applications or utilities should read this bulletin.

    The first vulnerability is an integer overflow in the XDR library
    that ships with the Sun RPC library on the Interix SDK for
    Microsoft's Services for Unix (SFU) 3.0. An attacker could send a
    malicious RPC request to the RPC server from a remote machine and
    cause corruption in the server program. This can cause the server
    to fail and potentially allow the attacker to run code of his or
    her choice in the context of the server program.

    The second vulnerability is a buffer overrun. An attacker could send
    a malicious RPC request to the RPC server with an improper parameter
    size check. This could lead to a buffer overrun, causing the server
    to fail and preventing it from servicing any further requests from
    clients.

    The third vulnerability is an RPC implementation error. An app-
    Lication using the Sun RPC library does not properly check the size
    of client TCP requests. This could result in a denial of service
    to a server application using the Sun RPC library. The RPC library
    expects client TCP requests to specify the size of the record
    that follows. Because there is a flaw in the way RPC detects
    client packets, an attacker could send a malformed RPC request to
    the RPC server from a remote machine and cause the server to fail
    by not servicing any further client requests.

    After applying the patch, it is necessary to recompile any Interix
    application that is statically linked with the Interix SDK Sun RPC
    library.

    Mitigating Factors:
    ====================
    * Only applications or utilities that were created using the
          Interix SDK and specifically that use the Sun RPC library,
          would be affected by these vulnerabilities.
    * If an administrator or developer has only installed the
          Interix SDK but has not actually created applications with
          the SDK that use the Sun RPC library, the systems where the
          SDK was installed would not be vulnerable.

    Risk Rating:
    ============
     - Internet systems: Moderate
     - Intranet systems: Moderate
     - Client systems: Moderate

    Patch Availability:
    ===================
     - A patch is available to fix this vulnerability. Please read the
       Security Bulletin at
       http://www.microsoft.com/technet/security/bulletin/ms02-057.asp
       for information on obtaining this patch.

    - ---------------------------------------------------------------------

    THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED
    "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL
    WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF
    MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT
    SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY
    DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,
    CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF
    MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE
    POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION
    OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES
    SO THE FOREGOING LIMITATION MAY NOT APPLY.

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 7.1

    iQEVAwUBPZtve40ZSRQxA/UrAQHdXgf/ejvlfeHIg3/qqRNVr05cITb88aElEzmS
    54vEwb1h9YXhMzMBwm4nXyFLcG97wxJdWSUFkqKx8gzQtlJazOzCFHCKKCC1wU3Y
    teNZJY0D/xEgkRTaYeeEIqNqTq6646M4dHmhFlyfLPLz5Ak50lpeGAk3ZyMPnfl8
    uhypyBCy+1CmuxQE3RNMHw2Orz5jIwKWVYRjhfgQH11U537rCCW2cePadxYoDVpz
    VyR1iHTDo5bvZa7101qMb06rftijbAKRF4049USw14dd6v/0FxxmjfXu2w9ECL1U
    zwvrt8MaOWRPw/vt+kbF7kRFIDSUVuTN4xlf2kSC+zIOKdluvelhgw==
    =Y+ML
    -----END PGP SIGNATURE-----


    *******************************************************************

    You have received this e-mail bulletin because of your subscription to the Microsoft Product Security Notification Service. For more information on this service, please visit http://www.microsoft.com/technet/security/notify.asp.
     
    To verify the digital signature on this bulletin, please download our PGP key at http://www.microsoft.com/technet/security/notify.asp.
     
    To unsubscribe from the Microsoft Security Notification Service, please visit the Microsoft Profile Center at http://register.microsoft.com/regsys/pic.asp
     
    If you do not wish to use Microsoft Passport, you can unsubscribe from the Microsoft Security Notification Service via email as described below:
    Send an email to unsubscribe to the Service by following these steps:
    a. Send an e-mail to securremmicrosoft.com. The subject line and the message body are not used to process the subscription request, and can be anything you like.
    b. Send the e-mail.
    c. You will receive a response, asking you to verify that you really want to cancel your subscription. Compose a reply, and put "OK" in the message body. (Without the quotes). Send the reply.
    d. You will receive an e-mail telling you that your name has been removed from the subscriber list.
     
    For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site at http://www.microsoft.com/security.