Security Update [CSSA-2002-002.0] Linux - Remote exploit against mutt

From: Support Info (supinfoat_private)
Date: Fri Feb 08 2002 - 15:41:42 PST

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    ______________________________________________________________________________
    		   Caldera International, Inc.  Security Advisory
    
    Subject:		Linux - Remote exploit against mutt
    Advisory number: 	CSSA-2002-002.0
    Issue date: 		2002, January 25
    Cross reference:
    ______________________________________________________________________________
    
    
    1. Problem Description
    
       The mail user agent mutt is susceptible to a remote attack. By sending
       a message with an overlong email address, the attacker is able to
       overwrite a single memory location with a zero byte, which can be
       exploited to execute arbitrary code within the account of the email
       recipient.
    
    
    2. Vulnerable Versions
    
       System                       Package
       -----------------------------------------------------------
       OpenLinux 2.3                 All packages previous to      
                                     mutt-1.2.5-12OL               
       
       OpenLinux eServer 2.3.1       All packages previous to      
       and OpenLinux eBuilder        mutt-1.2.5-12                 
       
       OpenLinux eDesktop 2.4        All packages previous to      
                                     mutt-1.2.5-12                 
       
       OpenLinux Server 3.1          All packages previous to      
                                     mutt-1.2.5-12                 
       
       OpenLinux Workstation 3.1     All packages previous to      
                                     mutt-1.2.5-12                 
       
       OpenLinux 3.1 IA64            All packages previous to      
                                     mutt-1.2.5-12                 
       
       OpenLinux Server 3.1.1        All packages previous to      
                                     mutt-1.2.5-12                 
       
       OpenLinux Workstation         All packages previous to      
       3.1.1                         mutt-1.2.5-12                 
       
    
    
    3. Solution
    
       Workaround
    
         none
    
       The proper solution is to upgrade to the latest packages.
    
    4. OpenLinux 2.3
    
        4.1 Location of Fixed Packages
    
           The upgrade packages can be found on Caldera's FTP site at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/RPMS
    
           The corresponding source code package can be found at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/SRPMS
    
       4.2 Verification
    
           700b96d068e212e9f68bff794b60acc1  RPMS/mutt-1.2.5-12OL.i386.rpm
           a4d1e0af855f96222d0ffbb5ca459c3f  SRPMS/mutt-1.2.5-12OL.src.rpm
           
    
       4.3 Installing Fixed Packages
    
           Upgrade the affected packages with the following commands:
    
             rpm -Fvh mutt-1.2.5-12OL.i386.rpm
             
    
    5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0
    
        5.1 Location of Fixed Packages
    
           The upgrade packages can be found on Caldera's FTP site at:
    
           ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS
    
           The corresponding source code package can be found at:
    
           ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/SRPMS
    
       5.2 Verification
    
           fe2f279aaeb31c46b4ae8d61545d5bbc  RPMS/mutt-1.2.5-12.i386.rpm
           00faa11c92b970c6564ace29c9680258  SRPMS/mutt-1.2.5-12.src.rpm
           
    
       5.3 Installing Fixed Packages
    
           Upgrade the affected packages with the following commands:
    
             rpm -Fvh mutt-1.2.5-12.i386.rpm
             
    
    6. OpenLinux eDesktop 2.4
    
        6.1 Location of Fixed Packages
    
           The upgrade packages can be found on Caldera's FTP site at:
    
           ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS
    
           The corresponding source code package can be found at:
    
           ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/SRPMS
    
       6.2 Verification
    
           a3996a484ac426c8200fcd7b8c1af39b  RPMS/mutt-1.2.5-12.i386.rpm
           00faa11c92b970c6564ace29c9680258  SRPMS/mutt-1.2.5-12.src.rpm
           
    
       6.3 Installing Fixed Packages
    
           Upgrade the affected packages with the following commands:
    
             rpm -Fvh mutt-1.2.5-12.i386.rpm
             
    
    7. OpenLinux 3.1 Server
    
        7.1 Location of Fixed Packages
    
           The upgrade packages can be found on Caldera's FTP site at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS
    
           The corresponding source code package can be found at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS
    
       7.2 Verification
    
           7997da37ee8266a528111c32cc47a7d9  RPMS/mutt-1.2.5-12.i386.rpm
           00faa11c92b970c6564ace29c9680258  SRPMS/mutt-1.2.5-12.src.rpm
           
    
       7.3 Installing Fixed Packages
    
           Upgrade the affected packages with the following commands:
    
             rpm -Fvh mutt-1.2.5-12.i386.rpm
             
    
    8. OpenLinux 3.1 Workstation
    
        8.1 Location of Fixed Packages
    
           The upgrade packages can be found on Caldera's FTP site at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS
    
           The corresponding source code package can be found at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS
    
       8.2 Verification
    
           7997da37ee8266a528111c32cc47a7d9  RPMS/mutt-1.2.5-12.i386.rpm
           00faa11c92b970c6564ace29c9680258  SRPMS/mutt-1.2.5-12.src.rpm
           
    
       8.3 Installing Fixed Packages
    
           Upgrade the affected packages with the following commands:
    
             rpm -Fvh mutt-1.2.5-12.i386.rpm
             
    
    9. OpenLinux 3.1 IA64
    
        9.1 Location of Fixed Packages
    
           The upgrade packages can be found on Caldera's FTP site at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/IA64/current/RPMS
    
           The corresponding source code package can be found at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/IA64/current/SRPMS
    
       9.2 Verification
    
           214b0654c02f9a537bd1647c6a193a71  RPMS/mutt-1.2.5-12.ia64.rpm
           00faa11c92b970c6564ace29c9680258  SRPMS/mutt-1.2.5-12.src.rpm
           
    
       9.3 Installing Fixed Packages
    
           Upgrade the affected packages with the following commands:
    
             rpm -Fvh mutt-1.2.5-12.ia64.rpm
             
    
    10. OpenLinux 3.1.1 Server
    
        10.1 Location of Fixed Packages
    
           The upgrade packages can be found on Caldera's FTP site at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS
    
           The corresponding source code package can be found at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS
    
       10.2 Verification
    
           5ad86d1e449396fb3f765c79d307f1f9  RPMS/mutt-1.2.5-12.i386.rpm
           00faa11c92b970c6564ace29c9680258  SRPMS/mutt-1.2.5-12.src.rpm
           
    
       10.3 Installing Fixed Packages
    
           Upgrade the affected packages with the following commands:
    
             rpm -Fvh mutt-1.2.5-12.i386.rpm
             
    
    11. OpenLinux 3.1.1 Workstation
    
        11.1 Location of Fixed Packages
    
           The upgrade packages can be found on Caldera's FTP site at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS
    
           The corresponding source code package can be found at:
    
           ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS
    
       11.2 Verification
    
           5ad86d1e449396fb3f765c79d307f1f9  RPMS/mutt-1.2.5-12.i386.rpm
           00faa11c92b970c6564ace29c9680258  SRPMS/mutt-1.2.5-12.src.rpm
           
    
       11.3 Installing Fixed Packages
    
           Upgrade the affected packages with the following commands:
    
             rpm -Fvh mutt-1.2.5-12.i386.rpm
             
    
    
    12. References
    
       This and other Caldera security resources are located at:
    
       http://www.caldera.com/support/security/index.html
    
       This security fix closes Caldera's internal Problem Report 11295.
    
    
    13. Disclaimer
    
       Caldera International, Inc. is not responsible for the misuse of
       any of the information we provide on this website and/or through our
       security advisories. Our advisories are a service to our customers
       intended to promote secure installation and use of Caldera OpenLinux.
    
    14. Acknowledgements
    
       Caldera International wishes to thank Thomas Roessler for his
       cooperation and for providing a fix.
    ______________________________________________________________________________
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (GNU/Linux)
    Comment: For info see http://www.gnupg.org
    
    iD8DBQE8X8GZ18sy83A/qfwRAl9zAKCqbnF3E55MpKCC10e/EBZ9g5L1nACgqwcw
    uunVcXEUJXbZQ6PrH26VECE=
    =aK2d
    -----END PGP SIGNATURE-----
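
The advisory's "Verification" sections list MD5 sums but not the check itself. The script below is an added example, not part of Caldera's advisory: it compares downloaded packages against a list in the advisory's `<md5>  <dir>/<file>` layout and runs the advisory's `rpm -Fvh` command only if every entry matches. The function names and the `RPM` override variable are assumptions made for this example, and the sums are only as trustworthy as the advisory's verified PGP signature.

```shell
#!/bin/sh
# Added example (not from the advisory): verify packages against a checksum
# list laid out like the "Verification" sections: "<md5>  <dir>/<file>".

# check_manifest MANIFEST DIR
# Prints OK / MISMATCH / MISSING per entry; returns 0 only if every listed
# file exists in DIR and its MD5 equals the listed value.
check_manifest() {
    manifest=$1 dir=$2 rc=0
    while read -r want path || [ -n "$want" ]; do
        [ -n "$want" ] || continue          # skip blank lines
        file=$dir/${path##*/}               # drop the RPMS/ or SRPMS/ prefix
        if [ ! -f "$file" ]; then
            echo "MISSING  $path"; rc=1; continue
        fi
        have=$(md5sum < "$file" | cut -d' ' -f1)
        if [ "$have" = "$want" ]; then
            echo "OK       $path"
        else
            echo "MISMATCH $path (got $have)"; rc=1
        fi
    done < "$manifest"
    return $rc
}

# install_if_verified MANIFEST DIR PACKAGE...
# Runs "rpm -Fvh" only after the whole manifest checks out.
# RPM is a hypothetical override so the logic can be exercised without rpm.
install_if_verified() {
    manifest=$1 dir=$2; shift 2
    if ! check_manifest "$manifest" "$dir"; then
        echo "checksum verification failed, not installing" >&2
        return 1
    fi
    (cd "$dir" && ${RPM:-rpm} -Fvh "$@")
}

# Usage for OpenLinux 2.3, with the section 4.2 lines saved as ./md5.list
# and both packages downloaded into ./updates:
#   install_if_verified md5.list updates mutt-1.2.5-12OL.i386.rpm
```

`rpm -F` only freshens packages that are already installed, so a host without mutt is left unchanged.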
    


