RPC Buffer Overrun Attack
A problem has been detected in which an exploit program sends
invalid packet data that causes a buffer overflow in DCE
servers. After numerous attacks, the server will not respond
to normal DCE requests. This buffer overflow may also affect
DCE clients: if DCE clients have any open associations to
a server, the overrun attack could hit that association and
cause it to overflow as well.
This problem affects all DCE products. The Entegrity patch
fixes the buffer overflow condition and rejects invalid or
improperly sized packets. This fix is required for all DCE
systems.
This patch incorporates fixes for the following CERT
vulnerabilities:
- VU #259796
- VU #568148
- VU #326746
- VU #377804
Obtaining and Applying the Patches
If you have a valid support contract with Entegrity Solutions,
follow the instructions below. If not, contact Entegrity
Sales for information on obtaining this patch.
Linux
- Download the most recent version of the software.
(Read details about this version here.)
- Install the software (follow the instructions in the Installation
and Configuration Guide included in the documentation
download and posted on the online Documentation
Library).
Windows (PC-DCE)
- Request the most recent version of the software.
- Follow the instructions to download the software.
- Install the software (follow the instructions in the Installation
and Configuration Guide included in the documentation
download and posted on the online Documentation
Library).
Tru64 v4.1.4 (ifspec), v4.1.5, v4.2 and v4.3
NOTE: If you are using a version of Tru64 DCE/DFS not mentioned,
contact Entegrity Technical Support.
- Request the most recent version of the software.
- Follow the instructions to download the software.
- Install the software (follow the instructions in the Installation
and Configuration Guide included in the documentation
download and posted on the online Documentation
Library).