Eye catching headlines are seen every day on the web, but one needs to
be careful not to distort the contents of the article. A recent SecuriTeam
article
is headlined "Holes in the Linux Random Number Generator" but that title
overstates the actual contents of the
paper (PDF) it is announcing.
The three authors of the paper provide a nice detailed description of the
Linux random number generator (RNG) and the algorithms that it uses, while
also reporting a very theoretical attack. The basic attack is against the
"forward security" of the RNG via a single compromise of the contents of
the entropy pool. This value can be used to run the RNG algorithm in reverse
and recover previous states of the entropy pool. Doing this enough times
can recover keys that have been previously generated.
There are a number of reasons why this attack is considered to have little
impact on real world systems. The most obvious is that if an attacker can
access the state of the entropy pool, they have already broken the security
of the system and can, as root, do any number of different things to the
system. If recovering previously generated keys is the object of the attack,
the paper outlines ways to do that, but the processing requirements are
enormous as Ted Ts'o points out:
To put this in
perspective, generating a 1024 bit RSA key will require approximately
14 turns of the crank, so if you are lucky with the positioning of the
index *and* you penetrate the machine and capture the state of the
pool (which as I mentioned, probably means you've rooted the box and
the system will probably have to be reinstalled from trusted media
anyway), *and* a 1024-bit RSA key had just been generated, you would
be able to determine that 1024-bit RSA key with a work factor of
approximately O(2**68) if you are lucky (probability 1 in 8), and
O(2**96) if you are not.
The paper also describes a well known feature of the Linux RNG implementation
as if it were a newly discovered denial of service issue. The
/dev/random device
was specifically designed to block when the entropy pool had insufficient
entropy to satisfy the request. The /dev/urandom device is
provided as an alternative that generates very good random numbers and
does not block (and is therefore not
vulnerable to a denial of service).
For any but the most sensitive applications (key generation being an
obvious choice), /dev/urandom is the recommended source for random
numbers. Alan Cox sums up the situation nicely:
The denial of service when no true entropy exists is intentional and
long discussed. User consumption of entropy can be controlled by
conventional file permissions, acls and SELinux already, or by a policy
daemon or combinations thereof. It is clearly better to refuse to give
out entropy to people than to give false entropy.
The paper has sparked an interesting
discussion
on the linux kernel mailing list and has lead to some concrete suggestions
for improving the algorithm, but it would be an exaggeration to conclude that
the paper describes real world Linux security concerns. An administrator
or security professional reading the SecuriTeam headline might easily
be led astray.
Hendrik Weimer discovered that specially crafted web requests can
cause awstats, a powerful and featureful web server log analyzer, to
execute arbitrary commands.
A buffer overflow in Cscope 15.5, and possibly multiple overflows, allows
remote attackers to execute arbitrary code via a C file with a long
#include line that is later browsed by the target.
The dia drawing utility suffers from several format string vulnerabilities exploitable via a maliciously crafted dia file - or a file with a well-chosen name.
Matteo Rosi and Leonardo Maccari discovered that hostapd, a wifi network
authenticator daemon, performs insufficient boundary checks on a key length
value, which might be exploited to crash the service.
Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16
allows attackers to cause a denial of service (memory consumption) via
unspecified actions related to an "uninitialized return value," aka "slab
leak."
lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers
to cause a denial of service (fcntl_setlease lockup) via actions that cause
lease_init to free a lock that might not have been allocated on the stack.
Jan Rekorajski discovered that the kernel patch for virtual private servers
does not limit context capabilities to the root user within the virtual
server, which might lead to privilege escalation for some virtual server
specific operations.
Sven Dreyer discovered that KPhone, a Voice over IP client for KDE,
creates a configuration file world-readable, which could leak sensitive
information like SIP passwords.
Luigi Auriemma has found two heap-based buffer overflows in libextractor
0.5.13 and earlier: one of them occurs in the asf_read_header function in
the ASF plugin, and the other occurs in the parse_trak_atom function in the
Qt plugin.
According to this Secunia
advisory, a weakness exists in OpenLDAP which is caused due to a
boundary error in slurpd within the handling of the status file. This can
be exploited to cause a stack-based buffer overflow via an overly long
hostname read from the status file. The weakness has been reported to be in
OpenLDAP version 2.3.21 and earlier.
It was discovered that phpbb2, a web based bulletin board, insufficiently
sanitizes values passed to the "Font Color 3" setting, which might lead to
the execution of injected code by admin users.
It was discovered that the Avatar upload feature of FUD Forum, a component
of the web based groupware system phpgroupware, does not sufficiently
validate uploaded files, which might lead to the execution of injected web
script code.
It has been discovered that popfile, a bayesian mail classifier, can
be forced into a crash through malformed character sets within email
messages, which allows denial of service.
The PostgreSQL team has put out a set of "urgent updates" (in the form of the 7.3.15, 7.4.13, 8.0.8, and 8.1.4 releases) closing a
newly-discovered set of SQL injection issues. Details about the problem
can be found on the
technical information page; in short: multi-byte encodings can be used
to defeat normal string sanitizing techniques. The update fixes one problem
related to invalid multi-byte characters, but punts on another by simply
disallowing the old, unsafe technique of escaping single quotes with a
backslash.
A security problem
is zoo's fullpath() function could cause problems if zoo was run in an
automated way, or if a user were to open a malicious zoo archive manually.
There a bug involving Apache 1.3.35 and glib concerning
wildcards in Include directives. If an Include statement
is issued in an already included file, Apache can be caused to
crash.
Damian Put discovered that Blender did not properly validate a 'length'
value in .blend files. Negative values led to an insufficiently sized
memory allocation. By tricking a user into opening a specially crafted
.blend file, this could be exploited to execute arbitrary code with the
privileges of the Blender user.
The BusyBox 1.1.1 passwd command does not use a proper salt when generating
passwords. This would create an instance where a brute force attack could
take very little time.
A race condition in bzip2 1.0.2 and earlier allows local users to modify
permissions of arbitrary files via a hard link attack on a file while it is
being decompressed, whose permissions are changed by bzip2 after the
decompression is complete. Also specially crafted bzip2 archives may cause
an infinite loop in the decompressor.
From the Debian-Testing alert: Mehdi Oudad "deepfear" and Kevin Fernandez "Siegfried" from the Zone-H
Research Team discovered a buffer overflow in kkstrtext.h of the ktools
library, which is included in (at least) centericq and motor.
Richard Harms discovered that cpio did not sufficiently validate file
properties when creating archives. Files with e. g. a very large size
caused a buffer overflow. By tricking a user or an automatic backup
system into putting a specially crafted file into a cpio archive, a
local attacker could probably exploit this to execute arbitrary code
with the privileges of the target user (which is likely root in an
automatic backup system).
Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows
remote attackers to execute arbitrary commands via a TFTP URL (tftp://)
with a valid hostname and a long path.
Cyrus-SASL contains an unspecified vulnerability in the DIGEST-MD5
process that could lead to a Denial of Service. An attacker could possibly
exploit this vulnerability by sending specially crafted data stream to the
Cyrus-SASL server, resulting in a Denial of Service even if the attacker is
not able to authenticate.
Erik Sjölund has discovered several security relevant problems in enscript,
a program to convert ASCII text into Postscript and other formats.
Unsanitized input can cause the execution of arbitrary commands via EPSF
pipe support. Due to missing sanitizing of filenames it is possible that a
specially crafted filename can cause arbitrary commands to be executed.
Multiple buffer overflows can cause the program to crash.
The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment
variable is not defined, allows local users to overwrite arbitrary files
via a symlink attack on temporary files in /var/tmp/fbps-[PID].
Fetchmail contains a bug which allows a malicious mail server to crash the
client by sending a message without headers. This occurs when running in
multidrop mode.
There are multiple
vulnerabilities in Firefox and related products including Thunderbird,
SeaMonkey and the Mozilla Suite. This CERT
Advisory contains additional information.
There is a vulnerability in the foomatic-filters package. This
vulnerability is due to insufficient checking of command-line parameters
and environment variables in the foomatic-rip filter. This vulnerability
may allow both local and remote attackers to execute arbitrary commands on
the print server with the permissions of the spooler.
An unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote
attackers to bypass authentication or cause a denial of service (server
crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state
machine module.
Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer
overflow in the BFD library, resulting in a heap overflow. A review also
showed that by default, gdb insecurely sources initialization files from
the working directory. Successful exploitation would result in the
execution of arbitrary code on loading a specially crafted object file or
the execution of arbitrary commands.
A format string vulnerability has been discovered in gedit. Calling
the program with specially crafted file names caused a buffer
overflow, which could be exploited to execute arbitrary code with the
privileges of the gedit user.
zgrep in gzip before 1.3.5 does not handle shell metacharacters like '|'
and '&' properly when they occurred in input file names. This could be
exploited to execute arbitrary commands with user privileges if zgrep is
run in an untrusted directory with specially crafted file names.
ipsec-tools has a remote
denial of service vulnerability in the racoon daemon.
If racoon is running in aggressive mode, it fails to check all peer
payloads during
When the daemon the IKE negotiation phase, allowing a malicious peer
to crash the daemon. One should always be careful around aggressive racoons.
The kdebase package (and kcheckpass in particular) found in KDE versions 3.2.0 through 3.4.2 suffers from a lock file handling error which can enable a local attacker to obtain root access. See this advisory for details.
Kate / Kwrite, as shipped with KDE 3.2.x up to including 3.4.0, creates a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. See this advisory for more information.
Multiple vulnerabilities in the Linux have been found.
An error in the Stream Control Transmission Protocol (SCTP) code that
uses incorrect state table entries when certain ECNE chunks are received in
CLOSED state, could be exploited by attackers to cause a kernel panic via a
specially crafted packet.
An error exist when handling incoming IP-fragmented SCTP control
chunks, which could be exploited by attackers to cause a kernel panic via a
specially crafted packet.
Linux SCTP (lksctp) allows remote attackers to cause a denial of
service (infinite recursion and crash) via a packet that contains two or
more DATA fragments, which causes an skb pointer to refer back to itself
when the full message is reassembled, leading to infinite recursion in the
sctp_skb_pull function
Linux SCTP (lksctp) allows remote attackers to cause a denial of
service (deadlock) via a large number of small messages to a receiver
application that cannot process the messages quickly enough, which leads to
"spillover of the receive buffer."
A vulnerability has been identified due to an input validation error
when processing arguments containing backslash ("\\") characters passed to
certain commands (e.g. "cd"), which could be exploited by authenticated
attackers to escape chroot restrictions for a CIFS or SMBFS mounted
filesystem.
A number of vulnerabilities have been found in the Linux kernel, including a PPP-related denial of service problem, an integer overflow in the epoll() code, memory corruption in the ELF loader, and exploitable overflows in the ISO9660 code.
Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment
error in libgadu (from ekg, console Gadu Gadu client, an instant
messaging program) which is included in gaim, a multi-protocol instant
messaging client, as well. This can not be exploited on the x86
architecture but on others, e.g. on Sparc and lead to a bus error,
in other words a denial of service.
Several buffer overflows have been discovered in libgd's PNG handling
functions.
If an attacker tricked a user into loading a malicious PNG image, they
could leverage this into executing arbitrary code in the context of
the user opening image. Most importantly, this library is commonly
used in PHP. One possible target would be a PHP driven photo website
that lets users upload images. Therefore this vulnerability might lead
to privilege escalation to a web server's privileges.
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and
earlier may allow remote attackers to execute arbitrary code via malformed
image files that trigger the overflows due to improper calls to the
gdMalloc function.
libpam-ldap, the PAM LDAP interface, has a vulnerability in which
it fails to authenticate with an LDAP server which is not configured
properly, allowing an authentication bypass.
A heap based buffer overflow bug was found in the way libpng strips alpha
channels from a PNG image. An attacker could create a carefully crafted PNG
image file in such a way that it could cause an application linked with
libpng to crash or execute arbitrary code when the file is opened by a
victim.
Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent
attackers to cause a denial of service via a TIFF image that triggers
errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2)
certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and
(d) tif_zip.c; (3) and improper restoration of setfield and getfield
methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f)
tif_fax3.c, and tif_zip.c.
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code.
libxml2 prior to version 2.6.14 has multiple buffer overflow
vulnerabilities, if a local user passes a specially crafted
FTP URL, arbitrary code may be executed.
An arbitrary command execute bug was found in the lynx "lynxcgi:" URI
handler. An attacker could create a web page redirecting to a malicious URL
which could execute arbitrary code as the user running lynx.
Mailman 2.1.5 and below have a denial of service vulnerability
in the Scrubber.py script. If a maliciously created message
with a mime multi part format is received, mailman delivery
can be stopped.
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms
via SQL queries that contain the NULL character, which are not properly
handled by the mysql_real_query function. NOTE: this issue was originally
reported for the mysql_query function, but the vendor states that since
mysql_query expects a null character, this is not an issue for mysql_query.
Stefano Di Paola discovered an information leak in the login packet
parser. By sending a specially crafted malformed login packet, a
remote attacker could exploit this to read a random piece of memory,
which could potentially reveal sensitive data. (CVE-2006-1516)
Stefano Di Paola also found a similar information leak in the parser
for the COM_TABLE_DUMP request. (CVE-2006-1517)
A buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before
2.3 allows remote attackers to execute arbitrary code via a negative
content length (Content-Length) HTTP header.
Kurt Fitzner discovered that the NBD (network block device) server did not
correctly verify the maximum size of request packets. By sending specially
crafted large request packets, a remote attacker who is allowed to access
the server could exploit this to execute arbitrary code with root
privileges.
When starting xntpd with the -u option and specifying the
group by using a string not a numeric gid the daemon uses
the gid of the user not the group. This problem is now fixed
by this update.
The libUil component of the OpenMotif toolkit has a pair of buffer
overflow vulnerabilities that can possibly be used for the execution
of arbitrary code.
There are two vulnerabilities with perl when it is used in a setuid mode. The PERLIO_DEBUG environment variable can be used to overwrite arbitrary files; there is also an associated buffer overflow which can be exploited to gain root access.
There are several vulnerabilities in PHP v5.1.2 and earlier.
A cross-site scripting (XSS) vulnerability in phpinfo (info.c) allows
remote attackers to inject arbitrary web script or HTML via long array
variables. (CVE-2006-0996)
A directory traversal vulnerability in file.c allows local users to
bypass open_basedir restrictions and allows remote attackers to create
files in arbitrary directories via the tempnam function. (CVE-2006-1494)
The copy function in file.c allows local users to bypass safe mode and
read arbitrary files via a source argument containing a compress.zlib://
URI. (CVE-2006-1608)
The phpbb2 web forum has a number of vulnerabilities including:
a web script injection problem, a protection mechanism bypass, a
security check bypass, a remote global variable bypass, cross site
scripting vulnerabilities, an SQL injection vulnerability,
a remote regular expression modification problem, missing input
sanitizing, and a missing request validation problem.
Several cross-site scripting vulnerabilities have been discovered in
phpLDAPadmin, a web based interface for administering LDAP servers,
that allows remote attackers to inject arbitrary web script or HTML.
Stefan Esser reported multiple vulnerabilities
found in phpMyAdmin. The $GLOBALS variable allows modifying the global
variable import_blacklist to open phpMyAdmin to local and remote file
inclusion, depending on your PHP version (CVE-2005-4079, PMASA-2005-9).
Furthermore, it is also possible to conduct an XSS attack via the
$HTTP_HOST variable and a local and remote file inclusion because the
contents of the variable are under total control of the attacker
(CVE-2005-3665, PMASA-2005-8).
HTTP requests with conflicting Content-Length and Transfer-Encoding headers
could lead to HTTP Request Smuggling Attack, which can be exploited to
bypass packet filters or poison web caches.
Py2Play uses Python pickles to send objects over a peer-to-peer game network, that clients accept without restriction the objects and code sent by peers. A remote attacker participating in a Py2Play-powered game can send
malicious Python pickles, resulting in the execution of arbitrary
Python code on the targeted game client.
Paul Jakma discovered that Quagga's ripd daemon did not properly
handle authentication of RIPv1 requests. If the RIPv1 protocol had
been disabled, or authentication for RIPv2 had been enabled, ripd
still replied to RIPv1 requests, which could lead to information
disclosure. (CVE-2006-2223)
Paul Jakma also noticed that ripd accepted unauthenticated RIPv1
response packets if RIPv2 was configured to require authentication and
both protocols were allowed. A remote attacker could exploit this to
inject arbitrary routes. (CVE-2006-2224)
Fredrik Widell discovered that Quagga did not properly handle certain
invalid 'sh ip bgp' commands. By sending special commands to Quagga, a
remote attacker with telnet access to the Quagga server could exploit
this to trigger an endless loop in the daemon (Denial of Service).
(CVE-2006-2276)
An integer overflow in the receive_xattr function in the extended
attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to
execute arbitrary code via crafted extended attributes that trigger a
buffer overflow.
Luigi Auriemma discovered multiple flaws in the Scorched 3D game
server, including a format string vulnerability and several buffer
overflows. A remote attacker could exploit these vulnerabilities to crash
a game server or execute arbitrary code with the rights of the game server
user.
Webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to
inject arbitrary web pages into the right frame via a URL in the
right_frame parameter. NOTE: this has been called a cross-site scripting
(XSS) issue, but it is different than what is normally identified as
XSS. (CVE-2006-0188)
Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to
1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks
via style sheet specifiers with invalid (1) "/*" and "*/" comments, or (2)
a newline in a "url" specifier, which is processed by certain web browsers
including Internet Explorer. (CVE-2006-0195)
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote
attackers to inject arbitrary IMAP commands via newline characters in the
mailbox parameter of the sqimap_mailbox_select command, aka "IMAP
injection." (CVE-2006-0377)
The teTeX PDF parsing library has an integer overflow vulnerability.
A carefully crafted PDF file can be used by an attacker to crash
teTeX and possibly execute arbitrary code.
A buffer overflow in UnZip 5.50 and earlier allows local users to execute
arbitrary code via a long filename command line argument. NOTE: since the
overflow occurs in a non-setuid program, there are not many scenarios under
which it poses a vulnerability, unless unzip is passed long arguments when
it is invoked from other programs.
xtensive testing of libwww's handling of multipart/byteranges content from
HTTP/1.1 servers revealed multiple logical flaws and bugs in
Library/src/HTBound.c
David Maciejak noticed that webcalendar, a PHP-Based multi-user calendar,
returns different error messages on login attempts for an invalid password
and a non-existing user, allowing remote attackers to gain information
about valid usernames.
xine-lib does an improper input data boundary check on
MPEG streams. A specially crafted MPEG file can be
created that can cause arbitrary code execution when the
file is accessed.
There is a buffer overflow in the Xrender extension of the X.Org server; any process which is able to connect to the server may be able to exploit this overflow to run arbitrary code. Since the X server runs as root on most systems, this vulnerability could be exploited to gain root access. See the X.Org advisory for more information.
A flaw was discovered in Xpdf in that could allow an attacker to construct
a carefully crafted PDF file that would cause Xpdf to consume all available
disk space in /tmp when opened.
xpdf has a number of integer overflows.
A remote attacker can trick a user into opening a maliciously
crafted pdf file, allowing the attacker to execute code with the
privileges of the local user.
This also affects the Poppler library, cupsys and tetex-bin.
In some cases, xscreensaver did not properly grab the keyboard when
reading the password for unlocking the screen, so that the password
was typed into the currently active application window. The only known
vulnerable case was when xscreensaver activated while an rdesktop session
was currently active.
Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate
insufficient memory when rendering images with more than 3 output
components, such as images using the YCCK or CMYK colour space. When
xzgv or zgv attempt to render the image, data from the image overruns a
heap allocated buffer.
