Title: PADL Software nss_ldap DNS Buffer Overflow Vulnerability
Severity: CRITICAL
Description:
nss_ldap is a module offered by Padl Software that allows a system to use LDAP directories as the source of information for user attributes and related data.
A buffer overflow condition has been reported in nss_ldap. When nss_ldap is configured without a value for the "host" parameter, it will attempt to configure itself using SRV DNS records. There is no bounds checking on data returned from the DNS server before it is copied into internal memory buffers. If it of excessive length, a buffer overrun condition will occur.
Operators of malicious DNS servers may exploit this condition to execute arbitrary code on target hosts. It may also be possible for attackers who do not control the DNS server to spoof malicious responses.
Successful exploitation of this vulnerability may result in compromise of root privileges to remote attackers.
Affected Products:
- Caldera OpenLinux Server 3.1.0
- Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Workstation 3.1.0
- Caldera OpenLinux Workstation 3.1.1
- MandrakeSoft Linux Mandrake 7.0.0
- MandrakeSoft Linux Mandrake 7.1.0
- MandrakeSoft Linux Mandrake 7.2.0
- MandrakeSoft Linux Mandrake 8.0.0
- MandrakeSoft Linux Mandrake 8.0.0 ppc
- MandrakeSoft Linux Mandrake 8.1.0
- MandrakeSoft Linux Mandrake 8.1.0 ia64
- MandrakeSoft Linux Mandrake 8.2.0
- MandrakeSoft Linux Mandrake 8.2.0 ppc
- MandrakeSoft Linux Mandrake 9.0.0
- MandrakeSoft Single Network Firewall 7.2.0
- PADL Software nss_ldap Build 105
- PADL Software nss_ldap Build 107
- PADL Software nss_ldap Build 113
- PADL Software nss_ldap Build 121
- PADL Software nss_ldap Build 122
- PADL Software nss_ldap Build 172
- PADL Software nss_ldap Build 173
- PADL Software nss_ldap Build 180
- PADL Software nss_ldap Build 181
- PADL Software nss_ldap Build 183
- PADL Software nss_ldap Build 184
- PADL Software nss_ldap Build 185
- PADL Software nss_ldap Build 185.1
- PADL Software nss_ldap Build 185.2
- PADL Software nss_ldap Build 185.3
- PADL Software nss_ldap Build 186
- PADL Software nss_ldap Build 187
- PADL Software nss_ldap Build 188
- PADL Software nss_ldap Build 189
- PADL Software nss_ldap Build 190
- PADL Software nss_ldap Build 191
- PADL Software nss_ldap Build 192
- PADL Software nss_ldap Build 194
- PADL Software nss_ldap Build 85
- RedHat Linux 6.1.0 alpha
- RedHat Linux 6.1.0 i386
- RedHat Linux 6.1.0 sparc
- RedHat Linux 6.2.0 alpha
- RedHat Linux 6.2.0 i386
- RedHat Linux 6.2.0 sparc
- RedHat Linux 7.0.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
