[NILESA-20050701] UnixWare 7.x RPC portmapper Dos Vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
================================================================================
NileSOFT Security Advisory
-
--------------------------------------------------------------------------------
ID : NILESA-20050701
Title : rpcbind Invalid portmap Request Causes Denial of Service
Vendor : SCO
URL : www.sco.com
Product : UnixWare 7.x (and maybe other versions)
Severity: Moderate
Local : Possible
Remote : Possible
Date : 2005.07.25
CVE ID : CAN-2005-2132
Author : Yun Jonglim / NileSOFT (www.nilesoft.co.kr)
================================================================================
1. Summary
When the UnixWare 7.x version of the RPC portmapper(rpcbind) receives an invalid
portmap request from a remote (or local) host, it falls into a denial of service
state and cannot respond.
2. Vulnerability Description
When the UnixWare 7.x version of the RPC portmapper(rpcbind) receives a number
of
invalid portmap requests, it falls into a denial of service state and does not
respond to normal RPC portmap requests.
rpcbind maps each RPC service to the corresponding port for remote(or local) RPC
service requests. Therefore, when rpcbind falls into a denial of service state,
the port mapping does not operate normally and will cause most RPC services to
be
unusable.
3. Impact
The RPC services will not operate normally.
4. Remedy
SCO will be releasing the advisory and fix: SCOSA-2005.31.
http://www.sco.com/support/security/index.html
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.31
5. Disclosure Dates
2005/05/15 First discovered and analyzed
2005/06/01 Vender notified and initial response
2005/07/19 Vender Confirmed and patch prepared
2005/07/25 Advisory released
6. CVE Information
The Common Vulnerabilities and Exposures (CVE) project has assigned the
names CAN-2005-2132 to these issues. This is a candidate for inclusion
in the CVE list (http://cve.mitre.org), which standardizes names for
security problems.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32) - GPGshell v3.30
iQEVAwUBQubU3oFNV2ryoBXjAQIPBAf/apd71pVJN6tf3MRefWZgbBCrKIhMfEAr
fjn+9t8dcjg0v4PT5U2KBu6VeKS6h/Q1tuz9cfHxs4fSDrldgcSCjYqsnU6PrVDq
6VjwJgSzJ5KCam/5Lt4ORQWVW0kKrO6eQyEWC/wEBHfYimY7XaZrFmYVAL/k+wcG
AsPYvkBv2zaPdHLYPQJJkkGnxHiE04MWUgQbVP5iv1WfO1W9QpIiM1AHeeaP4Fy5
+mM58OgpGKCKZZs15869xHOOM4j1BN4non1AqpRrqq8GYWeXIkdkHRzeDayyxn0L
tb+1PVcX4m4gNvfMJHrx04RiAq02dTyJSZzHv2mIC66mKY4h4L/MUQ==
=wRT6
-----END PGP SIGNATURE-----