Bug 181302 (CVE-2007-5079) - CVE-2007-5079 gdm with xdmcp ignoring tcp_wrappers on x86_64
Summary: CVE-2007-5079 gdm with xdmcp ignoring tcp_wrappers on x86_64
Status: CLOSED ERRATA
Alias: CVE-2007-5079
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
(Show other bugs)
Version: unspecified
Hardware: x86_64 Linux
medium
medium
Target Milestone: ---
Assignee: Ray Strode [halfline]
QA Contact:
URL:
Whiteboard: impact=low,source=bugzilla,reported=2...
Keywords: Security
Depends On: 363011 363021 363031 363041 463927 625916
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-02-13 09:34 UTC by Peter Edgerton
Modified: 2018-10-27 14:43 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-09-27 21:47:53 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2010:0657 normal SHIPPED_LIVE Low: gdm security and bug fix update 2010-08-26 18:17:43 UTC

Description Peter Edgerton 2006-02-13 09:34:38 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; iOpus-I-M; SV1)

Description of problem:
The x86_64 bit version of AS4 (fully patched) appears to ignore tcp_wrappers completely when using gdm with XDMCP. The 32 bit version of AS4 works perfectly so this bug appears to be restricted to the 64bit version. I suspect the problem with the wrappers on the 64 bit version may be a bit more general than just XDMCP access as I tested a telnet server and while the wrappers are not completely ignored connections are not refused cleanly (You donât get the login prompt but you are still hooked up to the machine). The 32 bit version again works perfectly.

Version-Release number of selected component (if applicable):
tcp_wrappers

How reproducible:
Always

Steps to Reproduce:
1. Instll the OS
2. Configure gdmsetup to allow remote XDMCP conectivity
3. configure hosts.deny to restrict conections all:all
  

Actual Results:  no restriction to remote desktop

Expected Results:  remote desktop should have been refused

Additional info:

Comment 2 RHEL Product and Program Management 2007-05-09 10:51:55 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 3 Tomas Janousek 2007-05-11 14:43:07 UTC
The gdm was not compiled and linked with tcp_wrappers on x86_64.

The configure script looks for libwrap.a in /usr/lib which is not present on a
x86_64 system. Also, the tcp_wrappers BuildRequires is completely missing.

Thanks for catching this, I'll be filling the same bug for RHEL5 and Fedoras.

Comment 6 Tomas Hoger 2007-09-25 08:36:19 UTC
CVE name was assigned to this issue - CVE-2007-5079.

Reassigning bug to Security Response product.

Comment 7 Tomas Hoger 2007-09-25 09:33:59 UTC
Tomas, Ray, can you confirm which versions are affected?  Besides RHEL4 in
original report, RHEL3 version seems to be affected too.  But I'm bit confused
about RHEL5 and Fedora, as gdm-binary does not seem to link against libwrap
there even on i386.  Is that intentional?


Comment 8 Tomas Janousek 2007-09-25 10:34:53 UTC
Any release that uses /usr/lib64 is affected. Fedora tries to avoid putting
bloat in the default buildroot, so it's completely possible that the missing
BuildRequires caused newer builds not to be linked with tcp_wrappers at all. The
bugzillas for el5 and fedora follow: bug 239818, bug 239820

Comment 10 Lubomir Kundrak 2007-11-09 18:11:24 UTC
Ray: Though I personally do not consider this to be a security issue, but a
feature issue, it seems that some other people don't think so, so I'd be glad if
you rolled new packages that would be built with tcp_wrappers and submitted an
update. Please let me know if you think this is not wise and might break some
configutations.

Comment 11 Ray Strode [halfline] 2007-11-09 18:49:12 UTC
I'm okay with doing an update to fix this problem.

Comment 12 loic 2008-09-25 05:59:27 UTC
The current version of gdm (2.6.0.5-7.rhel4.19  - 10 Apr 2008) still doesn't include the correction. Do you plan to take this into account in a future release ? Thanks.

Comment 13 Ray Strode [halfline] 2008-09-25 14:35:49 UTC
Hi Loic,

This bug is currently being evaluated for inclusion in a future update.  It's likely that this fix would go in with other GDM fixes, but not necessarily as an errata on its own.

Comment 20 errata-xmlrpc 2010-08-26 18:17:46 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 4

Via RHSA-2010:0657 https://rhn.redhat.com/errata/RHSA-2010-0657.html


Note You need to log in before you can comment on or make changes to this bug.