March 2006
Two AUSCERT Advisories: 1. AA-2006.0019 - IBM Tivoli Directory Server remote denial of service 2. AA-2006.0020 - Novell iChain 2.3 SP3 IR1 released fixing vulnerabilities
ID: 00254
Ref: 252/2006
Date: 30 March 2006:11:37:02
Version: 1
Title: Two AUSCERT Advisories: 1. AA-2006.0019 - IBM Tivoli Directory Server remote denial of service 2. AA-2006.0020 - Novell iChain 2.3 SP3 IR1 released fixing vulnerabilities
Abstract: 1. IBM Tivoli Directory Server 6.0 and prior is vulnerable to a denial of service when receiving a malformed LDAP request. 2. Novell iChain single sign-on system version 2.3 SP3 IR2 has been released fixing the following vulnerabilities:
Vendors affected: AusCERT
Operating systems affected: AusCERT
Applications affected: AusCERT
Title
=====
Two AUSCERT Advisories:
1. AA-2006.0019 - IBM Tivoli Directory Server remote denial of service
2. AA-2006.0020 - Novell iChain 2.3 SP3 IR1 released fixing vulnerabilities
Detail
======
1. IBM Tivoli Directory Server 6.0 and prior is vulnerable to a denial
of service when receiving a malformed LDAP request.
2. Novell iChain single sign-on system version 2.3 SP3 IR2 has been
released fixing the following vulnerabilities:
1.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AA-2006.0019 AUSCERT Advisory
[Win][Linux][HP-UX][Solaris][AIX]
IBM Tivoli Directory Server remote denial of service
28 February 2006
---------------------------------------------------------------------------
AusCERT Advisory Summary
------------------------
Product:           Tivoli Directory Server 6.0 and prior
Operating System:  Linux variants
                   AIX
                   HP-UX
                   Solaris
                   Windows
Impact:            Denial of Service
Access:            Remote/Unauthenticated
CVE Names:         CVE-2006-0717
Member-only until: Tuesday, March 28 2006
OVERVIEW:
IBM Tivoli Directory Server 6.0 and prior is vulnerable to a denial
of service when receiving a malformed LDAP request.
IMPACT:
A remote attacker may cause a denial of service on the vulnerable
directory server, causing disruption to all LDAP clients.
It has not yet been disclosed whether or not this vulnerability
can be exploited to execute arbitrary code on the server.
MITIGATION:
IBM has released version 6.0 fix pack 1 resolving this issue. [1]
REFERENCES:
[1] IBM Tivoli Directory Server Version 6.0.0.1-TIV-ITDS-IF0009
http://www.ibm.com/support/docview.wss?uid=swg24011701
[2] Dailydave security list post
http://marc.theaimsgroup.com/?l=dailydave&m=113967583211536&w=2
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRAOxMyh9+71yA2DNAQJtYwP+KruVhsqUSPKyGp8Hjqhg/INGejP1Ru24
jlVot9Uix6aBk6h+3OFgzMJMJm18sn5Y7evoPTNyuxgqvOIgYukrYwf9jGmlBDjK
8jY1BQIP8cIkV4FV/q3ce18NHaoHTnVHAsgmgCrdPqJjqmV7+0VN4So9VSOZ67Np
0xO5NfJdyl4=
=PQW0
-----END PGP SIGNATURE-----
2.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AA-2006.0020 AUSCERT Advisory
[NetWare][Win][Linux][Solaris]
Novell iChain 2.3 SP3 IR1 released fixing vulnerabilities
28 February 2006
---------------------------------------------------------------------------
AusCERT Advisory Summary
------------------------
Product:           Novell iChain 2.3 SP3 IR1 and prior
Operating System:  Novell NetWare
                   Windows
                   Solaris
                   Linux variants
Impact:            Inappropriate Access
                   Denial of Service
Access:            Existing Account
Member-only until: Tuesday, March 28 2006
OVERVIEW:
Novell iChain single sign-on system version 2.3 SP3 IR2 has been
released fixing the following vulnerabilities:
1. Expired certificates will still grant access to protected resources.
2. Sending a double slash in a query string may cause the iChain server
to enter the debugger.
Several of the other issues fixed in this release may also have a
security impact; however, details have not yet been disclosed. [1]
IMPACT:
1. Existing users may retain inappropriate access using an expired
certificate.
2. An attacker may cause a denial of service.
MITIGATION:
Upgrade iChain to interim release 2.3 SP3 IR2.
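The first iChain issue above is a missing validity-period check: the gateway authorised on certificate identity alone, so an expired certificate kept working. The following is an added example (not code from the advisory, from Novell or from iChain) showing that defect beside the corrected check in Python, using the dictionary shape that the standard library's `ssl.SSLSocket.getpeercert()` returns and `ssl.cert_time_to_seconds()` to parse its `notBefore`/`notAfter` strings. The subject names, validity dates, allow-list and the 300-second clock-skew tolerance are constructed for illustration; the evaluation instant is the bulletin's own date.

```python
import ssl
import time

# Constructed samples shaped like ssl.SSLSocket.getpeercert() output
# (hypothetical subjects and dates; not real iChain or customer certificates).
EXPIRED_CERT = {
    "subject": ((("commonName", "alice.example.test"),),),
    "notBefore": "Jan 01 00:00:00 2005 GMT",
    "notAfter": "Jan 01 00:00:00 2006 GMT",
}
VALID_CERT = {
    "subject": ((("commonName", "alice.example.test"),),),
    "notBefore": "Jan 01 00:00:00 2006 GMT",
    "notAfter": "Jan 01 00:00:00 2007 GMT",
}
FUTURE_CERT = {
    "subject": ((("commonName", "alice.example.test"),),),
    "notBefore": "Jan 01 00:00:00 2007 GMT",
    "notAfter": "Jan 01 00:00:00 2008 GMT",
}
# Evaluation instant: the bulletin date, 30 March 2006 11:37:02 UTC.
NOW = ssl.cert_time_to_seconds("Mar 30 11:37:02 2006 GMT")
# Constructed allow-list of subjects permitted to reach the protected resource.
ALLOWED = {"alice.example.test"}


def common_name(cert):
    """Pull commonName out of the nested subject tuple that getpeercert() returns."""
    for rdn in cert.get("subject", ()):
        for attr, value in rdn:
            if attr == "commonName":
                return value
    return None


def vulnerable_grant(cert, allowed):
    """Identity-only check: the validity period is never consulted, so an
    expired (or not-yet-valid) certificate keeps granting access."""
    return common_name(cert) in allowed


def hardened_grant(cert, allowed, now=None, skew=300):
    """Deny unless the certificate is inside its validity window (allowing a
    small clock-skew tolerance in seconds) and the identity is on the allow-list."""
    if not cert:                       # getpeercert() returns {} when no client cert was sent
        return False
    now = time.time() if now is None else now
    try:
        not_before = ssl.cert_time_to_seconds(cert["notBefore"])
        not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    except (KeyError, ValueError):     # missing or unparsable dates: fail closed
        return False
    if now < not_before - skew or now > not_after + skew:
        return False                   # outside the validity window
    return common_name(cert) in allowed


if __name__ == "__main__":
    for name, cert in (("expired", EXPIRED_CERT), ("valid", VALID_CERT), ("future", FUTURE_CERT)):
        print(f"{name:8} vulnerable={vulnerable_grant(cert, ALLOWED)} "
              f"hardened={hardened_grant(cert, ALLOWED, now=NOW)}")
```

The hardened check fails closed on a missing or malformed date rather than falling through to the identity test, and it rejects certificates from the future as well as expired ones; the skew tolerance is deliberately small so that a gateway with a slightly drifted clock does not lock everyone out, while a certificate that expired months earlier is still refused.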
REFERENCES:
[1] Novell iChain 2.3 Support Pack 3 Interim Release 2 - TID 2973289
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973289.htm
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRAPwvSh9+71yA2DNAQJ0FQP/bxnPNfihribDCy8aRmh9JPBGPuZyKY2z
KitKT6VKQOsdo6tfys4a+j5npw9P/pz+PBMAws/GZe5b2/r9eXKih7kraANizAlX
wNT1/yZ3bXulpMmK7qQb4T2g8zgRDqmup5kEh/9cTPheqrw1uopX2P20dDr9OjrK
QbwRXlGr50A=
=joMM
-----END PGP SIGNATURE-----