Date: Fri, 29 Mar 2002 12:29:45 -0800
From: security@caldera.com
To: bugtraq@securityfocus.com, announce@lists.caldera.com,
Subject: Security Update: [CSSA-2002-013.0] Linux: Name Service Cache Daemon (nscd) advisory
--H4SyuGOnfnj3aJqJ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
To: bugtraq@securityfocus.com announce@lists.caldera.com security-alerts@li=
nuxsecurity.com
___________________________________________________________________________=
___
Caldera International, Inc. Security Advisory
Subject: Linux: Name Service Cache Daemon (nscd) advisory
Advisory number: CSSA-2002-013.0
Issue date: 2002, March 26
Cross reference:
___________________________________________________________________________=
___
1. Problem Description
The Name Service Cache Daemon (nscd) has a default behavior that
does not allow applications to validate DNS "PTR" records against
"A" records.
In particular, nscd caches a request for a "PTR" record, and when a
request comes later for the "A" record, nscd simply divulges the
information from the cached "PTR" record, instead of querying the
authoritative DNS for the "A" record.
2. Vulnerable Supported Versions
System Package
-----------------------------------------------------------
OpenLinux Server 3.1 nscd
=20
OpenLinux Workstation 3.1 nscd
=20
OpenLinux Server 3.1.1 nscd
=20
OpenLinux Workstation 3.1.1 nscd
3. Solution
Workaround
Caldera recommends that this problem be worked around by
disabling the hosts cache in the nscd configuration file:
In /etc/nscd.conf, add the line
enable-cache hosts no
4. References
Specific references for this advisory:
none
Caldera OpenLinux security resources:
http://www.caldera.com/support/security/index.html
Caldera UNIX security resources:
http://stage.caldera.com/support/security/
5. Disclaimer
Caldera International, Inc. is not responsible for the misuse of
any of the information we provide on this website and/or through
our security advisories. Our advisories are a service to our
customers intended to promote secure installation and use of
Caldera International products.
6. Acknowledgements
Louis Imershein (louisi@caldera.com) discovered and researched this
vulnerability.
__________________________________________________________________________=
____
--H4SyuGOnfnj3aJqJ
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjykzrgACgkQbluZssSXDTH47gCfYZkzNgDcYGc+65j+om1mGMb2
o8oAnj4BfuM5gN0Bvdi381lK5GuibV4f
=yKNW
-----END PGP SIGNATURE-----
--H4SyuGOnfnj3aJqJ--
