-----BEGIN PGP SIGNED MESSAGE-----

Subject: Caldera Security Advisory SA-1997.35: Vulnerability in identd

Original report date:  04-Aug-1997
RPM build date:    11-Nov-1997
Advisory issue date:  31-Dec-1997

Topic: Vulnerability in identd package


I. Problem Description

  A vulnerability exists within pidentd that will allow a denial of
  service attack.
  
  identd operates by looking up specific TCP/IP  connections and
  returning the user name of the process owning the connection.
  It  can  optionally  return  other  information instead of a
  user name.

  pidentd is a particular implementation of the "Ident" protocol as
  described in RFC 1413.

II. Impact

  On systems such as Caldera OpenLinux 1.1, an unprivileged user
  can potentially initiate a large quantity of identd requests
  causing the system load to increase to the point of rendering
  the attacked machine unusable.

  This problem was present on the following OpenLinux releases:

    CND 1.0
    Base 1.0
    Lite 1.1
    Base 1.1
    Standard 1.1
  
  To determine if you are affected and need this update execute
  the following:

    rpm -q pident

  If the results show a version prior to pidentd-2.8a4-1.i386.rpm
  then you will need to update.


III. Solution

  The proper solution is to install the new pidentd package that
  contains the fixed version of identd.  The binary RPM package
  is located on Caldera's FTP server (ftp.caldera.com):

  /pub/openlinux/updates/1.1/current/RPMS/pidentd-2.8a4-1.i386.rpm

  Source code in an RPM format can also be obtained from:

  /pub/openlinux/updates/1.1/current/SRPMS/pidentd-2.8a4-1.src.rpm
  
  To install the new package execute (as root) the following command:

    rpm -U pidentd-2.8a4-1.i386.rpm
  
  The MD5 checksum (from the "md5sum" command) for these packages
  are:

  2adbc13dee00a907fef87dd2b50f1c2d  RPMS/pidentd-2.8a4-1.i386.rpm
  801c10eaa2a78fc8fa54d68209bcc748  SRPMS/pidentd-2.8a4-1.src.rpm


IV. References

  This and other Caldera security resources are located at:

    http://www.caldera.com/tech-ref/security/

  This security advisory report is based on the posting to the
  Bugtraq email list:

  From:    (Corinne Posse Releases) releases@CORINNE.MAC.EDU
  To:    BUGTRAQ@NETSPACE.ORG
  Date:    Mon, 4 Aug 1997 09:19:54 -0500
  Subject:  CPSR #8: identd Denial of Service
  Message-ID: Pine.NEB.3.95.970804091757.25418A-100000@corinne.cpio.org

  http://www.geek-girl.com/bugtraq/1997_3/0244.html

  http://www.internic.net/rfc/rfc1413.txt

  This update closes Caldera internal problem report #876.


V. PGP Signature

  This message was signed with the PGP key for security@caldera.com.

  This key can be obtained from:
    ftp://ftp.caldera.com/pub/pgp-keys/

  Or on an OpenLinux CDROM under:
    /OpenLinux/pgp-keys/

  $Id: SA-1997.35,v 1.4 1998/01/01 00:27:26 ron Exp $

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNKrjKun+9R4958LpAQHJLgQAjVd64fXZrdFnrYV1WP7mhKpGSZEoOol8
JCgY3GnwKkDrusVpuSME+JCSrd5PZxv+BXPP3YnaMQ2ozvJMHRe5B3xkzx3pZP2G
jY+haaqqsSjNj3eOohb1h9NzyCPJhP4YiaqKXJKoAW30aqqnWH8yyC2Ba7NoSKup
skC+5yeirwQ=
=9DtX
-----END PGP SIGNATURE-----