This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Security impact of nscd and NSS module bugs (particularly NIS)

From: Florian Weimer <fweimer at redhat dot com>
To: GNU C Library <libc-alpha at sourceware dot org>
Date: Thu, 03 Jul 2014 14:30:38 +0200
Subject: Security impact of nscd and NSS module bugs (particularly NIS)
Authentication-results: sourceware.org; auth=none

It's quite difficult to for me to determine the security impact of bugsin ncsd. We have quite a few crashers under heavy load (threadingissues, cache size leading to stack overflows etc.). What's thereal-world impact of an nscd crash? Is there a functionality impact ifin-process NSS modules are used? (Let's ignore broken modules such asthe the old nss_ldap module.)

The other difficulty in this area is NIS. If we have a buffer overflowin processing data from NIS, is this a security bug? As far as I cantell, NIS is mostly used for accounts, so a malicious server could justserve an account with UID=0, so it's not obvious me that a trustboundary is crossed (which is required for a security vulnerability).

PS: Our friendly Bugzilla admins disabled notifications for security-transactions. Thanks!

--
Florian Weimer / Red Hat Product Security

Follow-Ups:
- Re: Security impact of nscd and NSS module bugs (particularly NIS)
  - From: Siddhesh Poyarekar
- Re: Security impact of nscd and NSS module bugs (particularly NIS)
  - From: Russ Allbery

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]