TCP Wrappers Libwrap0 Hosts.Deny Bypass Vulnerability
BID:25485
Info
| Bugtraq ID: | 25485 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 30 2007 12:00AM |
| Updated: | Sep 04 2007 09:11PM |
| Credit: | Jamin W. Collins is credited with the discovery of this issue. |
| Vulnerable: | Wietse Venema TCP Wrappers 7.6; Ubuntu Ubuntu Linux 7.04 sparc; Ubuntu Ubuntu Linux 7.04 powerpc; Ubuntu Ubuntu Linux 7.04 i386; Ubuntu Ubuntu Linux 7.04 amd64; Debian Linux 4.0 |
| Not Vulnerable: | |
Discussion
TCP Wrappers is prone to a vulnerability that lets attackers bypass access control rules. The issue occurs because the 'daemon_or_port_match()' function does not properly handle connections for which server socket details are missing when it evaluates rules in the 'hosts.deny' file.
Successfully exploiting this issue allows attackers to bypass 'hosts.deny' rules, potentially aiding them in further network-based attacks.
TCP Wrappers implementations on a variety of operating platforms are vulnerable, including the TCP Wrappers libwrap0 package shipped with Ubuntu 7.04 and TCP Wrappers libwrap0 7.6.dbs-11 on Debian Linux. Other platforms may be affected as well.
Exploit / POC
Attackers use readily available network utilities to exploit this issue.
Solution / Fix
Solution:
Multiple vendors have addressed this issue with patches and upgrades. Please see the references for more information.
References
References:
- Debian bug report logs - #405342: libwrap0: hosts.deny becomes useless (Debian)
- TCP Wrappers Homepage (Wietse Venema)