[ LUGOS ] [linux-security] ld.so vulnerability (fwd)

Jaka Mele jack na ro.zrsss.si
Tor Jul 22 11:21:32 CEST 1997

---------- Forwarded message ----------
Date: Tue, 22 Jul 1997 10:20:46 +0200
From: Olaf Kirch <okir na monad.swb.de>
Reply-To: linux-security na redhat.com
To: linux-alert na redhat.com
Cc: linux-security na redhat.com
Subject: [linux-security] ld.so vulnerability
Resent-Date: 22 Jul 1997 09:17:09 -0000
Resent-From: linux-security na redhat.com
Resent-cc: recipient.list.not.shown:;

		    ld.so Vulnerability

A buffer overflow problem was reported on bugtraq affecting the
ELF and a.out program loaders on Linux. This problem can possibly be
exploited by malicious users to obtain root access.

On Linux, programs linked against shared libraries execute some code
contained in /lib/ld.so (for a.out binaries) or /lib/ld-linux.so (for
ELF binaries), which loads the shared libraries and binds all symbols.
If an error occurs during this stage, an error message is printed
and the program terminates. The printf replacement used at this stage
is not protected from buffer overruns.

David Engel has released a fixed ld.so as


This release should soon appear on sunsite.unc.edu in /pub/Linux/GCC.
Note that ld.so-1.9 does not support the old a.out format anymore.

The following Linux distribution maintainers and vendors have released
fixed packages of ld.so:

Vendor:		S.u.S.E
Product:	S.u.S.E Linux 5.0
Status:		Affected, fix available
Location:	ftp://ftp.suse.com/pub/suse_update/S.u.S.E.-5.0/a1
Files:		c7648fbfd29fc56905e1d569f617a811  ld.so-1.9.3.dif
		c7fba9a7f4040812307841f683ef4abc  ld.so-1.9.3.tar.gz
		19f71cfc08a69d8ecf1703e5307459a0  ldso.changes
		fd64cc73f699a2c28a809e1b7b61700e  ldso.rpm
		b3f1350e916381bd7e97c7087fc49535  ldso.tgz

Vendor:		Caldera
Product:	Caldera OpenLinux Lite, Base and Standard 1.1
Status:		Affected, fix available
Location:	ftp://ftp.caldera.com/pub/openlinux/updates/1.1/004
Files:		2fed2dd482fe44e020a4bd40fdd2059e  ld.so-1.7.14-5.src.rpm
		572974e8f777b6da7d67aed15db9c115  ld.so-1.7.14-5.i386.rpm
Note:		ELF support only.

Vendor:		RedHat
Product:	RedHat Linux 4.0, 4.1 and 4.2
Status:		Affected, fix available
Location:	ftp://ftp.redhat.com/updates/4.2
Files:		d8883e254021de3058b9c7d3174e9b28  i386/ld.so-1.7.14-5.i386.rpm
		2ab8e35978d81a57a340c81584e78785  sparc/ld.so-sparc-1.8.3-3.sparc.rpm
Note:		Files pgp-signed, key available from install CD or
		PGP key servers.

Vendor:		Debian
Product:	Debian GNU/Linux
Status:		Affected, fix available
Location:	ftp://ftp.debian.org/debian/bo-updates
Files:		c044d31c1a7f434837ec648c97481b76  ld.so_1.8.10-2.1.dsc
		bd6a94d00b6aeb10363b92e4f77a1a30  ld.so_1.8.10-2.1.tar.gz
		edea24550bf5f5a3c92a4a6319fe60b0  ldso_1.8.10-2.1_i386.deb

Vendor:		Delix
Product:	DLD 5.2
Status:		Affected, fix available
Location:	ftp://ftp.delix.de/pub/Linux/DLD-5.2/updates
Files:		156f551820e1f7305cf2c19d1cbddc68 *ld.so-1.9.2-3.i386.rpm
		bbeb99ac166d5c7cfde52346949da363 *ld.so-devel-1.9.2-3.i386.rpm

Vendor:		LST
Product:	LST Power Linux 2.2
Status:		Affected, fix available
Location:	Same as for Caldera above.

Dodatne informacije o seznamu Starilist