int(1448)

Boletines de Vulnerabilidades

Múltiples desbordamientos de búfer en OpenSLP

Clasificación de la vulnerabilidad
Propiedad Valor
Nivel de Confianza Oficial
Impacto Obtener acceso
Dificultad Experto
Requerimientos del atacante Acceso remoto sin cuenta a un servicio exotico

Información sobre el sistema
Propiedad Valor
Fabricante afectado GNU/Linux
Software afectado OpenSLP

Descripción
Se han descubierto múltiples vulnerabilidades de desbordamiento de búfer en OpenSLP, una implementación de código abierto del protocolo SLP (Service Location Protocol) utilizado por estaciones de trabajo para localizar ciertos servicios y por servidores para anunciarlos.

La explotación de estas vulnerabilidades podría permitir a un atacante remoto ejecutar código arbitrario mediante el envío de paquetes SLP especialmente diseñados.

Solución


Actualización de software

SUSE Linux

SUSE Linux 9.2
x86
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openslp-1.1.5-80.4.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openslp-server-1.1.5-80.4.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openslp-devel-1.1.5-80.4.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openslp-1.1.5-80.4.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openslp-server-1.1.5-80.4.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openslp-devel-1.1.5-80.4.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/openslp-1.1.5-80.4.src.rpm
x86-64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/openslp-1.1.5-80.4.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/openslp-server-1.1.5-80.4.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/openslp-devel-1.1.5-80.4.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/openslp-1.1.5-80.4.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/openslp-server-1.1.5-80.4.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/openslp-devel-1.1.5-80.4.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/src/openslp-1.1.5-80.4.src.rpm

SUSE Linux 9.1
x86
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/openslp-1.1.5-73.15.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/openslp-server-1.1.5-73.15.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/openslp-devel-1.1.5-73.15.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/openslp-1.1.5-73.15.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/openslp-server-1.1.5-73.15.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/openslp-devel-1.1.5-73.15.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/openslp-1.1.5-73.15.src.rpm
x86-64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/openslp-1.1.5-73.15.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/openslp-server-1.1.5-73.15.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/openslp-devel-1.1.5-73.15.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/openslp-1.1.5-73.15.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/openslp-server-1.1.5-73.15.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/openslp-devel-1.1.5-73.15.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/openslp-1.1.5-73.15.src.rpm

Mandrake Linux

Mandrakelinux 10.0
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libopenslp1-1.0.11-5.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libopenslp1-devel-1.0.11-5.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/openslp-1.0.11-5.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/openslp-1.0.11-5.1.100mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64openslp1-1.0.11-5.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64openslp1-devel-1.0.11-5.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/openslp-1.0.11-5.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/openslp-1.0.11-5.1.100mdk.src.rpm

Mandrakelinux 10.1
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libopenslp1-1.0.11-5.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libopenslp1-devel-1.0.11-5.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/openslp-1.0.11-5.1.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/openslp-1.0.11-5.1.101mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64openslp1-1.0.11-5.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64openslp1-devel-1.0.11-5.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/openslp-1.0.11-5.1.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/openslp-1.0.11-5.1.101mdk.src.rpm

Corporate Server 3.0
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libopenslp1-1.0.11-5.1.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libopenslp1-devel-1.0.11-5.1.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/openslp-1.0.11-5.1.C30mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/lib64openslp1-1.0.11-5.1.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/lib64openslp1-devel-1.0.11-5.1.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/openslp-1.0.11-5.1.C30mdk.src.rpm

Hewlett-Packard
HP-UX B.11.23 / PHNE_33508
http://itrc.hp.com
HP-UX B.11.11 / SLP Revision 1.2
http://software.hp.com

Identificadores estándar
Propiedad Valor
CVE CAN-2005-0769
BID 12792

Recursos adicionales
SUSE Security Announcement SUSE-SA:2005:015
http://www.novell.com/linux/security/advisories/2005_15_openslp.html

Mandrakesoft Security Advisories MDKSA-2005:055
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:055

HP SECURITY BULLETIN (HPSBUX02129)
https://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c00717872

Histórico de versiones
Versión Comentario Fecha
1.0 Aviso emitido 2005-03-15
1.1 Aviso emitido por Mandrake (MDKSA-2005:055) 2005-03-16
1.2 CAN añadido 2005-04-01
1.3 Aviso emitido por HP (HPSBUX02129) 2006-10-09
1.4 Aviso actualizado por HP (HPSBUX02129) 2007-03-07

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT