[20111216]
Two new NetBSD Security Advisories: OpenPAM and BIND resolver
The NetBSD Security Officers have released two new
security advisories about problems found in 3rd
party software that comes bundled with NetBSD's base system,
OpenPAM and the BIND resolver.
- NetBSD Security Advisory 2011-008: OpenPAM privilege escalation
Affects pkgsrc, all release branches and -current before 2011-11-09;
it is fixed in all branches (current, netbsd-4 and -5)
after that date.
Details from the advisory:
``The pam_start() function of OpenPAM doesn't check the "service"
argument. With a relative path it can be tricked into reading
a config file from an arbitrary location.
NetBSD base utilities pass fixed constant strings. 3rd party
programs which run with elevated privileges and allow user chosen
strings open an attack vector.''
- NetBSD Security Advisory 2011-009: BIND resolver DoS:
Affects pkgsrc, all release branches and -current from before
2011-11-20; it is fixed in the CVS branches after 2011-11-20.
Details from the advisory:
``Unpatched BIND 9 resolvers may cache an invalid record, subsequent
queries for which could crash the resolvers with an assertion failure.
ISC provided a patch which makes named recover gracefully from the
inconsistency, preventing the abnormal exit.
The patch has two components. When a client query is handled, the code
which processes the response to the client has to ask the cache for
the records for the name that is being queried. The first component
of the patch prevents the cache from returning the inconsistent data.
The second component prevents named from crashing if it detects
that it has been given an inconsistent answer of this nature.''
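The OpenPAM advisory above points at the mitigation: base utilities are safe because they pass fixed constant strings, while programs that forward a user-chosen service name are exposed. The following is an added example, not code from the advisory or from OpenPAM, showing the two checks a privileged third-party program can apply before calling pam_start(): map a caller-supplied role onto a fixed table of service names, and as a fallback accept only bare names (no '/' or '.') so the lookup stays inside the normal policy directory. The function names, the role table and the length limit are assumptions for this example.

```c
/* Added example (not from the NetBSD advisory or OpenPAM). Validates a
 * user-supplied PAM service name so that only a bare name, never a
 * relative or absolute path, reaches pam_start(). */
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define PAM_SERVICE_MAX 64  /* assumed limit for this example */

/* Returns 1 if 'service' is an acceptable bare service name, 0 otherwise.
 * Allowlist: ASCII letters, digits, '-' and '_'. Rejecting '/' and '.'
 * means "../", "./", hidden files and absolute paths can never be formed. */
int pam_service_name_ok(const char *service)
{
    size_t len, i;
    if (service == NULL)
        return 0;
    len = strlen(service);
    if (len == 0 || len > PAM_SERVICE_MAX)
        return 0;
    if (service[0] == '-')      /* avoid option-like names in logs/tools */
        return 0;
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)service[i];
        if (!(isalnum(c) || c == '-' || c == '_'))
            return 0;
    }
    return 1;
}

/* Preferred pattern, mirroring what the advisory says NetBSD base
 * utilities do: the caller picks a role, the program supplies a fixed
 * constant string. Returns NULL for unknown roles. The role table is
 * hypothetical. */
const char *pam_service_for_role(const char *role)
{
    static const struct { const char *role; const char *service; } table[] = {
        { "login", "login" },
        { "remote", "sshd" },
        { "su",    "su" },
    };
    size_t i;
    if (role == NULL)
        return NULL;
    for (i = 0; i < sizeof(table) / sizeof(table[0]); i++)
        if (strcmp(role, table[i].role) == 0)
            return table[i].service;   /* constant, never user-controlled */
    return NULL;
}
```

A program that must accept free-form names calls pam_service_name_ok() first and refuses the request on 0; a program with a fixed set of use cases should prefer pam_service_for_role() and never hand the raw input to pam_start().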
Happy updating!
[Tags: bind, openpam, pam, Security]