Vulnerability Note VU#927278

Multiple vulnerabilities in X.400 implementations

Overview

Multiple vulnerabilities exist in different vendors' X.400 implementations. The impacts of these vulnerabilities are varied and range from denial of service to potential remote execution of arbitrary code.

I. Description

The U.K. National Infrastructure Security Co-ordination Center (NISCC) has reported multiple vulnerabilities in different vendors' implementations of the X.400 protocols. X.400 is the short name for the set of standards defined by the ISO and the ITU that describe a messaging service. These protocols are widely used in email transport applications among other services.

Messages using the X.400 protocols are normally exchanged utilizing Basic Encoding Rules (BER) encoded ASN.1 data structures. Crafted messages that do not correctly conform to the X.400 ASN.1 definitions may cause a receiving X.400 system to behave in an unpredictable way. A test suite developed by NISCC has exposed vulnerabilities in a variety of X.400 implementations. While most of these vulnerabilities exist in ASN.1 parsing routines, some vulnerabilities may occur elsewhere.

Due to the general lack of specific vulnerability information, this document covers multiple vulnerabilities in different X.400 implementations. Information about individual vendors is available in the Systems Affected section.

Further information is available in NISCC Vulnerability Advisory - 006489/X400

II. Impact

The impacts associated with these vulnerabilities include denial of service, and potential execution of arbitrary code.

III. Solution

Patch or Upgrade

Apply a patch or upgrade as appropriate. Information about specific vendors is available in the Systems Affected section of this document.

Systems Affected

Vendor	Status	Date Notified
3Com	Unknown	4-Nov-2003
Alcatel	Unknown	4-Nov-2003
Apple Computer Inc.	Unknown	4-Nov-2003
AT&T	Unknown	4-Nov-2003
Avaya	Unknown	4-Nov-2003
Borderware	Unknown	4-Nov-2003
BSDI	Unknown	4-Nov-2003
Check Point	Not Vulnerable	6-Nov-2003
Cisco Systems Inc.	Unknown	4-Nov-2003
Clavister	Not Vulnerable	4-Nov-2003
Computer Associates	Unknown	4-Nov-2003
Conectiva	Unknown	4-Nov-2003
COVERT Labs	Unknown	4-Nov-2003
Cray Inc.	Unknown	4-Nov-2003
D-Link Systems	Unknown	4-Nov-2003
Data General	Unknown	4-Nov-2003
Debian	Unknown	4-Nov-2003
eSoft	Unknown	4-Nov-2003
Extreme Networks	Unknown	3-Dec-2003
F5 Networks	Unknown	4-Nov-2003
Foundry Networks Inc.	Unknown	4-Nov-2003
FreeBSD	Unknown	4-Nov-2003
Fujitsu	Not Vulnerable	8-Dec-2003
Global Technology Associates	Unknown	4-Nov-2003
Guardian Digital Inc.	Unknown	4-Nov-2003
Hewlett-Packard Company	Unknown	4-Nov-2003
Hitachi	Not Vulnerable	6-Nov-2003
IBM	Unknown	4-Nov-2003
IBM-zSeries	Unknown	4-Nov-2003
IBM eServer	Unknown	4-Nov-2003
Ingrian Networks	Unknown	4-Nov-2003
Intel	Unknown	4-Nov-2003
Intoto	Not Vulnerable	6-Nov-2003
IP Filter	Unknown	4-Nov-2003
Juniper Networks	Unknown	4-Nov-2003
Lachman	Unknown	4-Nov-2003
Linksys	Unknown	4-Nov-2003
Lotus Software	Unknown	4-Nov-2003
Lucent Technologies	Unknown	4-Nov-2003
MandrakeSoft	Unknown	4-Nov-2003
Microsoft Corporation	Unknown	4-Nov-2003
MontaVista Software	Unknown	4-Nov-2003
Multi-Tech Systems Inc.	Unknown	4-Nov-2003
Multinet	Unknown	4-Nov-2003
NEC Corporation	Unknown	4-Nov-2003
NetBSD	Unknown	4-Nov-2003
Netfilter	Unknown	4-Nov-2003
NetScreen Technologies Inc.	Unknown	4-Nov-2003
Network Appliance	Unknown	4-Nov-2003
Nokia	Unknown	4-Nov-2003
Nortel Networks	Not Vulnerable	4-Nov-2003
Novell	Unknown	4-Nov-2003
OpenBSD	Unknown	4-Nov-2003
Openwall GNU/*/Linux	Unknown	4-Nov-2003
Oracle Corporation	Unknown	4-Nov-2003
Red Hat Inc.	Unknown	4-Nov-2003
Redback Networks Inc.	Unknown	4-Nov-2003
Riverstone Networks	Unknown	4-Nov-2003
SCO	Unknown	4-Nov-2003
Secure Computing Corporation	Unknown	4-Nov-2003
SecureWorx	Unknown	4-Nov-2003
Sequent	Unknown	4-Nov-2003
SGI	Unknown	4-Nov-2003
Sony Corporation	Unknown	4-Nov-2003
Stonesoft	Unknown	4-Nov-2003
Sun Microsystems Inc.	Unknown	4-Nov-2003
SuSE Inc.	Unknown	4-Nov-2003
Symantec Corporation	Unknown	4-Nov-2003
TurboLinux	Unknown	4-Nov-2003
Unisys	Unknown	4-Nov-2003
WatchGuard	Unknown	4-Nov-2003
Wind River Systems Inc.	Unknown	4-Nov-2003
Wirex	Unknown	4-Nov-2003
Xerox Corporation	Not Vulnerable	25-Nov-2003
ZyXEL	Unknown	4-Nov-2003

References

http://www.alvestrand.no/x400/standards.html
http://www.uniras.gov.uk/vuls/2003/006489/x400.htm
http://www.itu.int/ITU-T/asn1/

Credit

These vulnerabilities were discovered and researched by the NISCC Vulnerability Management Team.

This document was written by Chad R Dougherty based on information provided by NISCC.

Other Information

Date Public:	2003-11-04
Date First Published:	2003-11-04
Date Last Updated:	2003-12-08
CERT Advisory:
CVE-ID(s):	CAN-2003-0565
NVD-ID(s):	CAN-2003-0565
US-CERT Technical Alerts:
Metric:	6.38
Document Revision:	11

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader