CVE-2013-3707 - OES 11 Novell Remote Manager process vulnerable to DoS

  • 7014063
  • 07-Nov-2013
  • 07-Nov-2013

Environment

Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 1
Novell Open Enterprise Server 11 (OES 11) Linux
Novell Open Enterprise Server 2 (OES 2) Linux




Situation

The HTTPSTK service listening on port 8009 does not properly close connections after a simple TCP handshake. This can lead to a buildup of CLOSE_WAIT connections and prevent legitimate access, eventually causing the service to crash.

The exploit does not require authentication and takes down a key service of the Novell server.
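
To monitor for the CLOSE_WAIT buildup described above, the following added example (not part of the original advisory and not Novell code) counts CLOSE_WAIT sockets on port 8009 per remote address from the Linux /proc/net/tcp table. The sample table, the threshold and the function names are constructed for illustration; IPv4 on a little-endian host is assumed.

```python
import socket
import struct
from collections import Counter

HTTPSTK_PORT = 8009   # HTTPSTK port named in the advisory
CLOSE_WAIT = 0x08     # state code for CLOSE_WAIT in /proc/net/tcp
THRESHOLD = 3         # constructed alert threshold; tune per host

# Constructed sample in /proc/net/tcp layout, not captured from a real server.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:1F49 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 9001
   1: 0500000A:1F49 0A0200C0:C350 08 00000000:00000001 00:00000000 00000000     0        0 9002
   2: 0500000A:1F49 0A0200C0:C351 08 00000000:00000001 00:00000000 00000000     0        0 9003
   3: 0500000A:1F49 0A0200C0:C352 08 00000000:00000001 00:00000000 00000000     0        0 9004
   4: 0500000A:1F49 076433C6:D431 08 00000000:00000001 00:00000000 00000000     0        0 9005
   5: 0500000A:1F49 076433C6:D432 01 00000000:00000000 00:00000000 00000000     0        0 9006
   6: 0500000A:0016 097100CB:E2A0 08 00000000:00000001 00:00000000 00000000     0        0 9007
"""

def parse_endpoint(field):
    """Decode 'HEXADDR:HEXPORT'; IPv4 only, little-endian host (x86) assumed."""
    addr_hex, port_hex = field.split(":")
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)

def close_wait_by_peer(table, port=HTTPSTK_PORT):
    """Count CLOSE_WAIT sockets on the given local port, grouped by remote IP."""
    peers = Counter()
    for line in table.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 4:
            continue
        _, local_port = parse_endpoint(fields[1])
        remote_ip, _ = parse_endpoint(fields[2])
        if local_port == port and int(fields[3], 16) == CLOSE_WAIT:
            peers[remote_ip] += 1
    return peers

def needs_attention(peers, threshold=THRESHOLD):
    """True when the total CLOSE_WAIT count reaches the threshold."""
    return sum(peers.values()) >= threshold

if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:        # live table on a Linux host
            table = fh.read()
    except OSError:
        table = SAMPLE                           # fall back to the sample
    peers = close_wait_by_peer(table)
    print(dict(peers), "ALERT" if needs_attention(peers) else "ok")
```

A count that keeps growing between runs, rather than draining, matches the symptom this advisory describes; connections over IPv6 appear in /proc/net/tcp6 and are not covered here.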

Resolution

Tentatively fixed in rpm novell-nrm-2.0.2-297.305.302.3, included in the OES-May-13 channel updates, but still under testing/investigation.


Cause

The problem was that SSL_free and SSL_shutdown were not being called on errors. SSLsocket was being treated like a socket when it is actually an SSL connection.

Additional Information

Identifier(s):   CVE-2013-3707

Discovered and reported by:   "swappiness0"