-----BEGIN PGP SIGNED MESSAGE-----

Subject: Caldera Security Advisory SA-1997.35: Vulnerability in identd

Original report date:	04-Aug-1997
RPM build date:		11-Nov-1997
Advisory issue date:	31-Dec-1997

Topic: Vulnerability in identd package


I. Problem Description

	A vulnerability exists within pidentd that will allow a denial of
	service attack.
	
	identd operates by looking up specific TCP/IP  connections and
	returning the user name of the process owning the connection.
	It  can  optionally  return  other  information instead of a
	user name.

	pidentd is a particular implementation of the "Ident" protocol as
	described in RFC 1413.

II. Impact

	On systems such as Caldera OpenLinux 1.1, an unprivileged user
	can potentially initiate a large quantity of identd requests
	causing the system load to increase to the point of rendering
	the attacked machine unusable.

	This problem was present on the following OpenLinux releases:

		CND 1.0
		Base 1.0
		Lite 1.1
		Base 1.1
		Standard 1.1
	
	To determine if you are affected and need this update execute
	the following:

		rpm -q pident

	If the results show a version prior to pidentd-2.8a4-1.i386.rpm
	then you will need to update.


III. Solution

	The proper solution is to install the new pidentd package that
	contains the fixed version of identd.  The binary RPM package
	is located on Caldera's FTP server (ftp.caldera.com):

	/pub/openlinux/updates/1.1/current/RPMS/pidentd-2.8a4-1.i386.rpm

	Source code in an RPM format can also be obtained from:

	/pub/openlinux/updates/1.1/current/SRPMS/pidentd-2.8a4-1.src.rpm
	
	To install the new package execute (as root) the following command:

		rpm -U pidentd-2.8a4-1.i386.rpm
	
	The MD5 checksum (from the "md5sum" command) for these packages
	are:

	2adbc13dee00a907fef87dd2b50f1c2d  RPMS/pidentd-2.8a4-1.i386.rpm
	801c10eaa2a78fc8fa54d68209bcc748  SRPMS/pidentd-2.8a4-1.src.rpm


IV. References

	This and other Caldera security resources are located at:

		http://www.caldera.com/tech-ref/security/

	This security advisory report is based on the posting to the
	Bugtraq email list:

	From:		(Corinne Posse Releases) releases@CORINNE.MAC.EDU
	To:		BUGTRAQ@NETSPACE.ORG
	Date:		Mon, 4 Aug 1997 09:19:54 -0500
	Subject:	CPSR #8: identd Denial of Service
	Message-ID: Pine.NEB.3.95.970804091757.25418A-100000@corinne.cpio.org

	http://www.geek-girl.com/bugtraq/1997_3/0244.html

	http://www.internic.net/rfc/rfc1413.txt

	This update closes Caldera internal problem report #876.


V. PGP Signature

	This message was signed with the PGP key for security@caldera.com.

	This key can be obtained from:
		ftp://ftp.caldera.com/pub/pgp-keys/

	Or on an OpenLinux CDROM under:
		/OpenLinux/pgp-keys/

	$Id: SA-1997.35,v 1.4 1998/01/01 00:27:26 ron Exp $

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNKrjKun+9R4958LpAQHJLgQAjVd64fXZrdFnrYV1WP7mhKpGSZEoOol8
JCgY3GnwKkDrusVpuSME+JCSrd5PZxv+BXPP3YnaMQ2ozvJMHRe5B3xkzx3pZP2G
jY+haaqqsSjNj3eOohb1h9NzyCPJhP4YiaqKXJKoAW30aqqnWH8yyC2Ba7NoSKup
skC+5yeirwQ=
=9DtX
-----END PGP SIGNATURE-----