CERT: Security flaw in Sun library affects Kerberos

A security hole in the External Data Representation (XDR) Library provided to a number of vendors by Sun Microsystems could allow an attacker to execute arbitrary code on an affected system or cause a denial of service, according to an advisory released by the CERT Co-ordination Centre (CERT/CC).

The flaw also affects the widely used Kerberos authentication software that allows users to securely log on to remote systems.

The vulnerability exists in XDR libraries derived from SunRPC (remote procedure call) used in products from Sun, as well as those from Apple Computer, IBM and a number of Linux and Unix distributions, CERT/CC said.

These products include those that use the Sun network service library (libnsl), the BSD-derived XDR/RPC routines (libc) and the GNU C library with sunrpc (glibc), CERT/CC said.

The XDR Library is a method of sending processes from one system to another, usually over a network connection, without regard to platform, CERT/CC said.

The security hole lies in the xdr_array component of the XDR Library, where an integer overflow could lead to a buffer overflow, according to CERT/CC. An attacker who exploited these vulnerabilities could run code of their choice on the target system, CERT/CC said.
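To illustrate the class of bug described above (an element count multiplied by an element size that wraps around, so too small a buffer is allocated for the data that follows), here is an added example in C. It is a simplified model written for this page, not SunRPC's or any vendor's xdr_array source: the decoder, the message layout and the sample bytes are all constructed for the illustration. It places the unchecked size computation beside a hardened version that rejects a count whose product would overflow, and runs both over a benign and a hostile header.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Vulnerable pattern (illustrative, not the real library's code): the
   allocation size is count * elsize in 32-bit arithmetic, which wraps for a
   large count. A decoder that later writes 'count' elements into a buffer
   sized from this product overflows it. */
uint32_t unchecked_alloc_size(uint32_t count, uint32_t elsize) {
    return count * elsize;              /* wraps silently when too large */
}

/* Hardened pattern: reject a count above the caller's maximum, and reject
   any count whose product with elsize would not fit in 32 bits. Returns
   false when the request is refused, so no allocation ever happens. */
bool checked_alloc_size(uint32_t count, uint32_t elsize,
                        uint32_t maxcount, uint32_t *out) {
    if (elsize == 0 || count > maxcount) return false;
    if (count > UINT32_MAX / elsize) return false;   /* overflow guard */
    *out = count * elsize;
    return true;
}

/* Decode a constructed XDR-style array of unsigned 32-bit integers:
   a 4-byte big-endian element count followed by that many 4-byte values.
   Uses the hardened size check. Returns the element count on success and
   -1 if the header is rejected or the body is truncated. */
long decode_u32_array(const unsigned char *msg, size_t len,
                      uint32_t maxcount, uint32_t **out) {
    if (len < 4) return -1;
    uint32_t count = ((uint32_t)msg[0] << 24) | ((uint32_t)msg[1] << 16) |
                     ((uint32_t)msg[2] << 8)  |  (uint32_t)msg[3];
    uint32_t bytes;
    if (!checked_alloc_size(count, sizeof(uint32_t), maxcount, &bytes))
        return -1;
    if (len - 4 < bytes) return -1;     /* body shorter than advertised */
    uint32_t *arr = malloc(bytes ? bytes : 1);
    if (!arr) return -1;
    for (uint32_t i = 0; i < count; i++) {
        const unsigned char *p = msg + 4 + 4 * (size_t)i;
        arr[i] = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                 ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
    }
    *out = arr;
    return (long)count;
}

/* Constructed sample messages (not captured traffic). The hostile header
   advertises 0x40000001 elements: 0x40000001 * 4 wraps to 4 in 32 bits. */
static const unsigned char BENIGN_MSG[]  = {0,0,0,2, 0,0,0,7, 0,0,0,9};
static const unsigned char HOSTILE_HDR[] = {0x40,0,0,1};

/* Sum of the decoded benign array: 7 + 9 = 16. */
long demo_benign_sum(void) {
    uint32_t *arr = NULL;
    long n = decode_u32_array(BENIGN_MSG, sizeof BENIGN_MSG, 1000, &arr);
    if (n < 0) return -1;
    long sum = 0;
    for (long i = 0; i < n; i++) sum += arr[i];
    free(arr);
    return sum;
}

/* The hostile header passes the maxcount check (maxcount is UINT32_MAX
   here on purpose) and is stopped only by the overflow guard: returns -1. */
long demo_hostile(void) {
    uint32_t *arr = NULL;
    return decode_u32_array(HOSTILE_HDR, sizeof HOSTILE_HDR, UINT32_MAX, &arr);
}

int main(void) {
    printf("unchecked size for 0x40000001 x 4: %u bytes\n",
           unchecked_alloc_size(0x40000001u, 4));
    printf("benign sum: %ld, hostile decode: %ld\n",
           demo_benign_sum(), demo_hostile());
    return 0;
}
```

The two checks in checked_alloc_size are independent: the maxcount bound expresses what the protocol allows, while the division-based guard is what actually closes the wraparound, so a decoder needs the second even when it already has the first.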

Because of the number of systems that the XDR Library is included in, attacks can cause other problems, including denials of service and information disclosure, CERT/CC said.

Also potentially troublesome is the effect of the flaw on Kerberos, which could allow an attacker to gain access to a trusted Kerberos realm, CERT/CC said.

Affected software includes Apple's Mac OS X and Mac OS X Server, Debian Linux 3, IBM's AIX 4.3.3 and 5.1.0, the Kerberos software developed by the Massachusetts Institute of Technology and Sun's Solaris 2.5.1 through 9.

Users should contact their vendors to inquire about patch status. A more complete list of affected vendors and products, as well as their patch status, can be found at www.cert.org/advisories/CA-2002-25.html.
