[ESA-20010620-01]: fetchmail-ssl buffer overflow

From: EnGarde Secure Linux (securityat_private)
Date: Thu Jun 21 2001 - 14:07:38 PDT


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    
    +------------------------------------------------------------------------+
    | EnGarde Secure Linux Security Advisory                   June 20, 2001 |
    | http://www.engardelinux.org/                           ESA-20010620-01 |
    |                                                                        |
    | Package:  fetchmail-ssl                                                |
    | Summary:  There is a buffer overflow in the header handling code of    |
    |           the fetchmail-ssl package.                                   |
    +------------------------------------------------------------------------+
    
      EnGarde Secure Linux is a secure distribution of Linux that features
      improved access control, host and network intrusion detection, Web
      based secure remote management, complete e-commerce using AllCommerce,
      and integrated open source security tools.
    
    
    OVERVIEW
    - --------
      There is a buffer overflow vulnerability in the fetchmail-ssl package
      which could potentially be exploited remotely, although no exploit is
      known of at this time.
    
    
    DETAIL
    - ------
      There is a buffer overflow in the header parsing code of fetchmail
      (rfc822.c) which caused fetchmail to die with a segmentation fault
      when it encountered a message with a large "To:" header.
    
      This bug could be exploited remotely and, if fetchmail is being run
      as root, could allow the attacker to obtain root privileges.  No
      exploit is known at this time but we highly recommend all users
      update nevertheless.
    
      We have updated the package to version 5.8.7 to fix this problem.
    
    
    SOLUTION
    - --------
      All users should upgrade to the most recent version, as outlined in
      this advisory.  All updates can be found at:
    
        ftp://ftp.engardelinux.org/pub/engarde/stable/updates/
        http://ftp.engardelinux.org/pub/engarde/stable/updates/
        http://ftp.ibiblio.org/pub/linux/distributions/engarde/stable/updates/
    
      Before upgrading the package, the machine must either:
    
        a) be booted into a "standard" kernel; or
        b) have LIDS disabled.
    
      To disable LIDS, execute the command:
    
        # /sbin/lidsadm -S -- -LIDS_GLOBAL
    
      To install the updated package, execute the command:
    
        # rpm -Uvh <filename>
    
      To re-enable LIDS (if it was disabled), execute the command:
    
        # /sbin/lidsadm -S -- +LIDS_GLOBAL
    
      To verify the signature of the updated packages, execute the command:
    
        # rpm -Kv <filename>
    
    
    UPDATED PACKAGES
    - ----------------
      These updated packages are for EnGarde Secure Linux 1.0.1 (Finestra).
    
      Source Packages:
    
        SRPMS/fetchmail-ssl-5.8.7-1.0.2.src.rpm
          MD5 Sum:  a3fbe418903aaee80c4d7f68b246bd3b
    
      Binary Packages:
    
        i386/fetchmail-ssl-5.8.7-1.0.2.i386.rpm
          MD5 Sum:  fc034811543e4aa5ad913bfa444f7e7f
    
        i686/fetchmail-ssl-5.8.7-1.0.2.i686.rpm
          MD5 Sum:  dcb18d42dd572432ddb60bd917e2418d
    
    
    REFERENCES
    - ----------
    
      Guardian Digital's public key:
        http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY
    
      Credit for the discovery of this bug goes to:
        Wolfram Kleff <kleffat_private-bonn.de>
    
      fetchmail's Official Web Site:
        http://www.tuxedo.org/~esr/fetchmail/index.html
    
      Original disclosure of this bug:
        http://bugs.debian.org/100394
    
    
    - --------------------------------------------------------------------------
    $Id: ESA-20010620-01-fetchmail-ssl,v 1.2 2001/06/20 18:51:11 rwm Exp $
    - --------------------------------------------------------------------------
    Author: Ryan W. Maple, <ryanat_private> 
    Copyright 2001, Guardian Digital, Inc.
    
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.4 (GNU/Linux)
    Comment: For info see http://www.gnupg.org
    
    iD8DBQE7MmIiHD5cqd57fu0RArc7AJsGfdqJYOtAiAw2NG4f03FFk/QEtgCfe6d+
    Lrl2lQlTAJWJ+PKUhmp9xYg=
    =KhJe
    -----END PGP SIGNATURE-----
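
The SOLUTION steps above, gated on the MD5 sums from UPDATED PACKAGES, as an added example that is not part of the advisory. The function names are hypothetical, and `upgrade_fetchmail` assumes it runs as root on a host with LIDS active and Guardian Digital's public key already imported for `rpm -Kv`.

```shell
#!/bin/sh
# Added example, not part of the advisory. MD5 sums are copied from the
# UPDATED PACKAGES section; function names are hypothetical.

# Print the advisory's MD5 sum for a package file name, or fail if unlisted.
expected_md5() {
    case "$(basename "$1")" in
        fetchmail-ssl-5.8.7-1.0.2.src.rpm)  echo a3fbe418903aaee80c4d7f68b246bd3b ;;
        fetchmail-ssl-5.8.7-1.0.2.i386.rpm) echo fc034811543e4aa5ad913bfa444f7e7f ;;
        fetchmail-ssl-5.8.7-1.0.2.i686.rpm) echo dcb18d42dd572432ddb60bd917e2418d ;;
        *) return 1 ;;
    esac
}

# Return 0 only if FILE is listed in the advisory and its MD5 sum matches.
# 1 = mismatch or unreadable file, 2 = file name not in the advisory.
check_advisory_md5() {
    want=$(expected_md5 "$1") || return 2
    got=$(md5sum -- "$1" 2>/dev/null | cut -d' ' -f1)
    [ -n "$got" ] && [ "$got" = "$want" ]
}

# Verify checksum and signature first, then upgrade with LIDS disabled.
# LIDS is re-enabled even when the rpm upgrade itself fails.
upgrade_fetchmail() {
    pkg=$1
    check_advisory_md5 "$pkg" || { echo "MD5 check failed: $pkg" >&2; return 1; }
    rpm -Kv "$pkg"            || { echo "signature check failed: $pkg" >&2; return 1; }
    /sbin/lidsadm -S -- -LIDS_GLOBAL || return 1
    rpm -Uvh "$pkg"; rc=$?
    /sbin/lidsadm -S -- +LIDS_GLOBAL || return 1
    return $rc
}
```

Checking before LIDS is disabled keeps the window in which the host runs without LIDS protection as short as the upgrade itself.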
    


