Re: [RHSA-2000:028-02] Netscape 4.73 available
- From: "Jean-Mario" <jmcharest sympatico ca>
- To: <jmcharest sympatico ca>
- Cc: <linux-security redhat com>, <bugtraq securityfocus com>
- Subject: Re: [RHSA-2000:028-02] Netscape 4.73 available
- Date: Sat, 27 May 2000 09:35:36 -0400
----- Original Message -----
From: <bugzilla redhat com>
To: <redhat-watch-list redhat com>
Cc: <linux-security redhat com>; <bugtraq securityfocus com>
Sent: Friday, May 19, 2000 8:11 PM
Subject: [RHSA-2000:028-02] Netscape 4.73 available
> ---------------------------------------------------------------------
> Red Hat, Inc. Security Advisory
>
> Synopsis: Netscape 4.73 available
> Advisory ID: RHSA-2000:028-02
> Issue date: 2000-05-19
> Updated on: 2000-05-19
> Product: Red Hat Linux
> Keywords: netscape SSL telnet rlogin
> Cross references: http://www.securityfocus.com/vdb/bottom.html?section=discussion&vid=1188
> ---------------------------------------------------------------------
>
> 1. Topic:
>
> Netscape 4.73 packages are available. These new packages fix
> bugs in SSL certificate validation; these bugs could allow
> for the compromising of encrypted SSL sessions.
>
> It is recommended that all users of Netscape update to the new packages.
>
> 2. Relevant releases/architectures:
>
> Red Hat Linux 5.2 - i386
> Red Hat Linux 6.2 - i386 alpha
>
> 3. Problem description:
>
> The description of the vulnerability, taken from
> http://www.securityfocus.com/:
> --
> An attacker poisons a nameserver to redirect all
> connections to www.goodguy.com, normally
> 100.100.100.100, to 99.99.99.99, www.badguy.com.
>
> The attacker causes all normal http requests to return
> what they normally would on www.goodguy.com, even though
> a user attempting to contact www.goodguy.com hits
> www.badguy.com.
>
> Upon getting a hit to www.badguy.com, the attacker
> causes an SSL connection to be established. This can be
> done by embedding a small image. The user may or may not
> get a warning about establishing a secure connection --
> this warning is on by default, although many users will
> choose to disable this warning. The attacker needs to
> use a legitimate SSL key, certified by someone listed as
> trustworthy (thawte.com, for instance).
>
> The user can continue to shop to their heart's content,
> on the real site, as it's being proxied.
>
> When the user decides to check out, it will attempt to
> establish an SSL connection to www.goodguy.com. Upon
> checking the ip address for www.goodguy.com, for
> establishing an SSL connection, it will note that an SSL
> connection already exists to its IP. The key, however,
> was issued to www.badguy.com. The SSL connection will be
> established, and by all indications appear to go to
> www.goodguy.com, when in fact it is to www.badguy.com.
>
> This could be used by a would-be attacker to steal
> information such as credit cards, or any other
> information protected by SSL.
> ---
>
> Another minor vulnerability exists in current versions
> of Netscape; by default, Netscape will respond to
> rlogin: and telnet: URLs by launching a helper application
> of the appropriate type. It is possible that when following URLs
> of these types, certain information about the local
> user (user name, environment settings) can be exposed to
> a remote host. To change the default associations to avoid
> this, users can go to Edit->Preferences, and choose
> Communicator->Applications. Then, change the default
> commands associated with 'telnet' and 'rlogin' to something
> that does not open up a connection to the remote host,
> for example, simply 'xterm'.
>
> 4. Solution:
>
> For each RPM for your particular architecture, run:
>
> rpm -Fvh [filename]
>
> where filename is the name of the RPM.
>
> For Red Hat Linux 5.0 and 5.1, use the Red Hat Linux 5.2
> packages. For Red Hat Linux 6.0 and 6.1, use the Red Hat Linux
> 6.2 packages.
>
> 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):
>
> 11379 - Netscape 4.73 release for security problems in 4.72
>
>
> 6. RPMs required:
>
> Red Hat Linux 5.2:
>
> intel:
> ftp://ftp.redhat.com/5.2/i386/netscape-common-4.73-0.5.2.i386.rpm
> ftp://ftp.redhat.com/5.2/i386/netscape-navigator-4.73-0.5.2.i386.rpm
> ftp://ftp.redhat.com/5.2/i386/netscape-communicator-4.73-0.5.2.i386.rpm
>
> sources:
> ftp://ftp.redhat.com/5.2/SRPMS/netscape-4.73-0.5.2.src.rpm
>
> Red Hat Linux 6.2:
>
> intel:
> ftp://ftp.redhat.com/6.2/i386/netscape-common-4.73-1.i386.rpm
> ftp://ftp.redhat.com/6.2/i386/netscape-navigator-4.73-1.i386.rpm
> ftp://ftp.redhat.com/6.2/i386/netscape-communicator-4.73-1.i386.rpm
>
> alpha:
> ftp://ftp.redhat.com/6.2/alpha/netscape-common-4.73-1.alpha.rpm
> ftp://ftp.redhat.com/6.2/alpha/netscape-navigator-4.73-1.alpha.rpm
> ftp://ftp.redhat.com/6.2/alpha/netscape-communicator-4.73-1.alpha.rpm
>
> sources:
> ftp://ftp.redhat.com/6.2/SRPMS/netscape-4.73-1.src.rpm
> ftp://ftp.redhat.com/6.2/SRPMS/netscape-alpha-4.73-1.src.rpm
>
> 7. Verification:
>
> MD5 sum                          Package Name
> --------------------------------------------------------------------------
> 3e881194baf12d2d7e761a63041ba404 5.2/SRPMS/netscape-4.73-0.5.2.src.rpm
> 52498e09827f5e854f99e320e2923fc4 5.2/i386/netscape-common-4.73-0.5.2.i386.rpm
> 1e15dfb4454c36e7352cd1803974f871 5.2/i386/netscape-communicator-4.73-0.5.2.i386.rpm
> 703a4a0b80ca0c45967cb8cc569b0600 5.2/i386/netscape-navigator-4.73-0.5.2.i386.rpm
> a83932536aef2837be8733621c3415d0 6.2/SRPMS/netscape-4.73-1.src.rpm
> bb79a4d70ebc7ab6cd91c04fbb951ca8 6.2/SRPMS/netscape-alpha-4.73-1.src.rpm
> e800a7af7c20be924469aedb75ad807f 6.2/alpha/netscape-common-4.73-1.alpha.rpm
> 9502f4ec6d2c99f8f61329898f31450f 6.2/alpha/netscape-communicator-4.73-1.alpha.rpm
> d812be498d83e19dba903282c8805ee2 6.2/alpha/netscape-navigator-4.73-1.alpha.rpm
> de054f11902c5777446baff909da817c 6.2/i386/netscape-common-4.73-1.i386.rpm
> d3825c0c61838da0b35570fb0dc7e743 6.2/i386/netscape-communicator-4.73-1.i386.rpm
> aea9965093a8202196f637e8385035d9 6.2/i386/netscape-navigator-4.73-1.i386.rpm
>
> These packages are GPG signed by Red Hat, Inc. for security. Our key
> is available at:
> http://www.redhat.com/corp/contact.html
>
> You can verify each package with the following command:
> rpm --checksig <filename>
>
> If you only wish to verify that each package has not been corrupted or
> tampered with, examine only the md5sum with the following command:
> rpm --checksig --nogpg <filename>
>
> 8. References:
>
> N/A
>
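The certificate-validation bug the quoted advisory describes comes down to one missing check: the browser reused an existing SSL session because the destination IP matched, without confirming that the certificate on that session was issued to the host name the user actually requested. The Python model below is an added example written for this archive page; it is not Netscape's or Red Hat's code. It replays the described sequence with an in-memory resolver and server table (the host names and the 99.99.99.99 address are the ones in the advisory's text; the issuer string and the `SslClient`, `Cert` and `checkout_scenario` names are constructed for the example) and contrasts a cache keyed on IP only with one keyed on (host name, IP) that re-checks the certificate name on every reuse.

```python
"""Model of the Netscape 4.72 SSL session-reuse flaw and the corrected check.

Added example, not code from Red Hat or Netscape.  Resolver, servers and
certificates are in-memory stand-ins constructed for the demonstration.
"""
from dataclasses import dataclass
from typing import Callable, Dict, Tuple


@dataclass(frozen=True)
class Cert:
    """Minimal view of a leaf certificate: subject CN, issuer, SAN dNSNames."""
    subject_cn: str
    issuer: str
    san_dns: Tuple[str, ...] = ()


def _label_match(pattern: str, hostname: str) -> bool:
    """RFC 2818-style name comparison: case-insensitive, a wildcard is allowed
    only as the whole left-most label and never at top-level-domain depth."""
    p = pattern.lower().split(".")
    h = hostname.lower().split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def hostname_matches(cert: Cert, hostname: str) -> bool:
    """Does the certificate name the host the user asked for?  SAN dNSName
    entries take precedence; the CN is consulted only when no SAN is present."""
    names = cert.san_dns if cert.san_dns else (cert.subject_cn,)
    return any(_label_match(n, hostname) for n in names)


@dataclass(frozen=True)
class Session:
    ip: str
    cert: Cert


class SslClient:
    """Tiny client with a session cache.  reuse_by_ip=True reproduces the
    advisory's flaw: any existing session to the resolved IP is handed back,
    whoever the certificate was issued to.  reuse_by_ip=False keys the cache
    on (hostname, ip) and re-verifies the certificate name on every reuse."""

    def __init__(self, resolve: Callable[[str], str],
                 handshake: Callable[[str], Cert], reuse_by_ip: bool):
        self._resolve = resolve        # hostname -> ip (a DNS stand-in)
        self._handshake = handshake    # ip -> Cert presented by that server
        self._reuse_by_ip = reuse_by_ip
        self._cache: Dict[object, Session] = {}

    def connect(self, hostname: str) -> Session:
        ip = self._resolve(hostname)
        key = ip if self._reuse_by_ip else (hostname.lower(), ip)
        sess = self._cache.get(key)
        if sess is not None and self._reuse_by_ip:
            # Flawed path: "an SSL connection already exists to its IP", so it
            # is reused without asking whom the certificate names.
            return sess
        if sess is None:
            sess = Session(ip, self._handshake(ip))
        if not hostname_matches(sess.cert, hostname):
            raise ValueError(
                f"certificate issued to {sess.cert.subject_cn!r} does not name {hostname!r}")
        self._cache[key] = sess
        return sess


BADGUY_IP = "99.99.99.99"   # address used in the advisory's description


def checkout_scenario(reuse_by_ip: bool) -> Tuple[str, str]:
    """Replay the advisory's sequence.  Returns (outcome, CN seen at checkout)."""
    # Constructed: a poisoned resolver sends both names to the same address.
    poisoned_dns = {"www.goodguy.com": BADGUY_IP, "www.badguy.com": BADGUY_IP}
    # Constructed: that server presents a genuine, CA-signed cert for its own name.
    servers = {BADGUY_IP: Cert("www.badguy.com", "Example Trusted CA (constructed)")}
    client = SslClient(poisoned_dns.__getitem__, servers.__getitem__, reuse_by_ip)

    client.connect("www.badguy.com")            # the embedded image: valid cert, cached
    try:
        sess = client.connect("www.goodguy.com")  # the checkout request
    except ValueError:
        return ("rejected", "")
    return ("accepted", sess.cert.subject_cn)


if __name__ == "__main__":
    for flawed in (True, False):
        mode = "reuse by IP only" if flawed else "reuse by (host, IP) + name check"
        print(f"{mode}: {checkout_scenario(flawed)}")
```

With `reuse_by_ip=True` the checkout to www.goodguy.com is silently served over the session whose certificate names www.badguy.com, which is exactly the symptom the advisory describes; with the corrected cache the same request fails the name check and the user gets an error instead of a lock icon. The general lesson survives the 2000-era details: session or connection reuse must be keyed on the name the application asked for, never on the network address alone.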
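Section 7 of the quoted advisory publishes one MD5 per package. The script below is an added example, not Red Hat's tooling: it parses a table in that format (tolerating the `> ` mail quoting seen on this page), compares each listed file against its digest, and reports `ok`, `mismatch` or `missing` per path. The `parse_md5_manifest`, `verify_against_manifest` and `verify_on_disk` names and the sample package contents are constructed for the example. Note the limit of a digest-only check: it proves the download is the file the advisory describes, but only `rpm --checksig` without `--nogpg` ties the package to Red Hat's signing key.

```python
"""Verify downloaded packages against an advisory-style MD5 table.

Added example; not part of the advisory or of rpm.  Sample file contents
in demo() are constructed.
"""
import hashlib
import os
import re
from typing import Dict

# One table row: optional mail-quote prefix, 32 hex digits, whitespace, path.
_MD5_LINE = re.compile(r"^(?:>\s*)?([0-9a-fA-F]{32})\s+(\S+)$")


def parse_md5_manifest(text: str) -> Dict[str, str]:
    """Map package path -> lowercase MD5 hex.  Header, rule and blank lines are
    skipped because they do not match the row pattern."""
    manifest: Dict[str, str] = {}
    for raw in text.splitlines():
        m = _MD5_LINE.match(raw.strip())
        if m:
            manifest[m.group(2)] = m.group(1).lower()
    return manifest


def verify_against_manifest(manifest: Dict[str, str],
                            files: Dict[str, bytes]) -> Dict[str, str]:
    """Return 'ok', 'mismatch' or 'missing' for every path listed in the manifest."""
    results: Dict[str, str] = {}
    for path, expected in manifest.items():
        data = files.get(path)
        if data is None:
            results[path] = "missing"
        elif hashlib.md5(data).hexdigest() == expected:
            results[path] = "ok"
        else:
            results[path] = "mismatch"
    return results


def verify_on_disk(manifest: Dict[str, str], base_dir: str = ".") -> Dict[str, str]:
    """Read each listed package relative to base_dir and verify it."""
    files: Dict[str, bytes] = {}
    for path in manifest:
        full = os.path.join(base_dir, path)
        if os.path.isfile(full):
            with open(full, "rb") as fh:
                files[path] = fh.read()
    return verify_against_manifest(manifest, files)


def demo() -> Dict[str, str]:
    """Constructed run: three downloaded packages, one tampered, one never fetched."""
    files = {
        "pkg-a.rpm": b"constructed package a",
        "pkg-b.rpm": b"constructed package b",
        "pkg-c.rpm": b"constructed package c",
    }
    # Build the table the way the advisory prints it, quoted as in a reply.
    rows = [f"> {hashlib.md5(data).hexdigest()} {path}" for path, data in files.items()]
    rows.append("> " + "0" * 32 + " pkg-d.rpm")          # listed, not downloaded
    table = "> MD5 sum Package Name\n> " + "-" * 40 + "\n" + "\n".join(rows)
    files["pkg-b.rpm"] = b"constructed package b TAMPERED"  # corrupted after hashing
    return verify_against_manifest(parse_md5_manifest(table), files)


if __name__ == "__main__":
    for path, status in sorted(demo().items()):
        print(f"{status:9} {path}")
```

To use it on a real mirror download, paste the advisory's section 7 into a file, call `parse_md5_manifest(open(path).read())`, and pass the result to `verify_on_disk` with the directory that holds the `5.2/` and `6.2/` trees. Any `mismatch` means the file should be re-fetched rather than installed; a clean run still leaves the GPG check to `rpm --checksig`.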