sdr security alert (from UCL MICE web site)
Stuart Levy
slevy at ncsa.uiuc.edu
Fri Jul 2 00:46:47 CDT 1999
Just noticed this announcement, on
http://www-mice.cs.ucl.ac.uk/multimedia/software/sdr/security.txt
This seems pretty nasty, and might be rather easy to exploit.
I haven't picked up a replacement yet, but the MICE web page
http://www-mice.cs.ucl.ac.uk/multimedia/software/
does have sdr 2.6.3 replacements available for Linux, FreeBSD, Windows,
Irix and Solaris.
===========================================================================
Monday 28th June 1999
A serious security alert was discovered in SDR.
This allowed remote intruders to execute arbitrary code with the privileges
of the sdr user. This problem existed in all recent versions of sdr and affects
both unix and windows versions.
Thanks to Olaf Kirch for bringing this problem to our attention.
This security problem was related to the SIP code in that incoming
announcements were not checked for TCL special characters, thus allowing
the possibility that malicious users could embed tcl commands in SIP
packets which would then be executed.
This problem has been fixed in SDR 2.6.3. However, the SIP implementation
in SDR has been modified in that any TCL special characters are removed.
This is not in full accordance with the SIP specification which allows
their use.
Users should not use SDR implementations older than Version 2.6.3 which
was released on Friday 25th June 1999.
+-----------------------------------------------------------------------+
| Dr Edmund Whelan <E.Whelan at cs.ucl.ac.uk> Dept of Computer Science |
| Tel. +44 171 419 3688 University College London |
| Fax. +44 171 387 1397 Gower St, London WC1E 6BT |
+---------------- http://www.cs.ucl.ac.uk/staff/E.Whelan/ --------------+
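The bug class the advisory describes (packet text reaching a Tcl evaluator unchecked) is easy to see in a few lines of Tcl. The following is an added illustration written for this page; it is not sdr's code, and the procedure names, the "session name" field, and the exact set of characters stripped are assumptions. It shows the unsafe interpolation pattern beside two safe handlings: passing the text as data instead of as script, and, in the spirit of the 2.6.3 fix, stripping Tcl metacharacters before any evaluation.

```tcl
# Added illustration of the bug class in the advisory (not sdr's own code).
# "announce_*" stands for any handler that takes a field out of a network
# packet and hands it to the Tcl interpreter.

# Vulnerable pattern: untrusted text is spliced into a script string that
# is then evaluated.  Tcl performs command substitution on [...], variable
# substitution on $ and backslash substitution, so whoever wrote the packet
# controls what runs.
proc announce_unsafe {sessionName} {
    eval "set displayed \"Session: $sessionName\""
    return $displayed
}

# Safe pattern A: never build scripts from strings.  A procedure argument
# has already been substituted exactly once; using it as a plain value
# performs no further evaluation.
proc announce_safe {sessionName} {
    set displayed "Session: $sessionName"
    return $displayed
}

# Safe pattern B (the approach the advisory says 2.6.3 took): remove the
# Tcl special characters before the text reaches any code that may
# evaluate it.  The character set here is an assumption for the example.
proc strip_tcl_special {s} {
    return [regsub -all {[][$\\{}"]} $s ""]
}

# Constructed sample input: a session name carrying an embedded command.
# The payload is deliberately harmless; it only computes 6*7.
set hostile {Lecture [expr {6*7}]}

puts "unsafe  : [announce_unsafe $hostile]"   ;# Session: Lecture 42  (the command ran)
puts "safe    : [announce_safe $hostile]"     ;# Session: Lecture [expr {6*7}]
puts "stripped: [announce_safe [strip_tcl_special $hostile]]" ;# Session: Lecture expr 6*7
```

The first `puts` line is the whole vulnerability: the `[expr ...]` written by the remote party is executed inside the receiver's interpreter, and a real packet could substitute any command. Pattern A is the preferable fix because it keeps data and code apart regardless of which characters the SIP grammar permits; pattern B is the trade-off the advisory notes, which silences the bug at the cost of mangling legitimate names that contain those characters.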