[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 20020820: XDR libary buffer overflow vulnerability

This archive contains answers to questions sent to Unidata support through mid-2025. Note that the archive is no longer being updated. We provide the archive for reference; many of the answers presented here remain technically correct, even if somewhat outdated. For the most up-to-date information on the use of NSF Unidata software and data services, please consult the Software Documentation first.

  • Subject: Re: 20020820: XDR libary buffer overflow vulnerability
  • Date: Tue, 20 Aug 2002 10:10:51 -0600
>To: address@hidden
>From: "hanscom-2k\\winick\\address@hidden" <address@hidden>
>Subject: XDR libary buffer overflow vulnerability
>Organization: AFRL
>Keywords: 200208201446.g7KEk5K11946 netCDF XDR security

Hi Jeremy,

> I have updated my glibc on Linux for the vulnerability in the
> XDR call (SUN provided function) and was wondering whether that
> vulnerability was present in the netcdf-3.4-9 pre-built binary rpm package?
> I see that there is version netcdf-3.5.0-2 for i686 available for download,
> but the change log didn't suggest any changes. Since it does require glibc,
> are all the references to the offending function call fixed by updating that
> package?

NetCDF versions 2.4.3 (November 1996) and prior used xdr_array() from
the Sun library, so might be vulnerable.  None of the versions of
netCDF since that time call xdr_array() or any XDR library functions,
but instead use our own simpler (and presumably more secure)
substitutes.  See src/libsrc/ncx.x for our implementation of the XDR
functionality we needed for netCDF.

--Russ

_____________________________________________________________________

Russ Rew                                         UCAR Unidata Program
address@hidden                     http://www.unidata.ucar.edu