OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Martin Schulze (joey_at_infodrom.org)
Date: Fri Jan 31 2003 - 08:24:01 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 248-1 securitydebian.org
    http://www.debian.org/security/ Martin Schulze
    January 31st, 2003 http://www.debian.org/security/faq
    - --------------------------------------------------------------------------

    Package : hypermail
    Vulnerability : buffer overflows
    Problem-Type : remote
    Debian-specific: no
    CVE Id : CAN-2003-0057

    Ulf Harnhammar discovered two problems in hypermail, a program to
    create HTML archives of mailing lists.

    An attacker could craft a long filename for an attachment that would
    overflow two buffers when a certain option for interactive use was
    given, opening the possibility to inject arbitrary code. This code
    would then be executed under the user id hypermail runs as, mostly as
    a local user. Automatic and silent use of hypermail does not seem to
    be affected.

    The CGI program mail, which is not installed by the Debian package,
    does a reverse look-up of the user's IP number and copies the
    resulting hostname into a fixed-size buffer. A specially crafted DNS
    reply could overflow this buffer, opening the program to an exploit.

    For the stable distribution (woody) this problem has been fixed in
    version 2.1.3-2.0.

    For the old stable distribution (potato) this problem has been fixed
    in version 2.0b25-1.1.

    For the unstable distribution (sid) this problem has been fixed
    in version 2.1.6-1.

    We recommend that you upgrade your hypermail packages.

    Upgrade Instructions
    - --------------------

    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.

    If you are using the apt-get package manager, use the line for
    sources.list as given below:

    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages

    You may use an automated update by adding the resources from the
    footer to the proper configuration.

    Debian GNU/Linux 2.2 alias potato
    - ---------------------------------

      Source archives:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.0b25-1.1.dsc
          Size/MD5 checksum: 577 96bc728b8bdc3f3b31b2f6e7fb96e1c8
        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.0b25-1.1.diff.gz
          Size/MD5 checksum: 9685 0450f68f3ab45eadc7fab7e97076c845
        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.0b25.orig.tar.gz
          Size/MD5 checksum: 297049 7a5875311ae71fc6fa5dee18e9d826ee

      Alpha architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.0b25-1.1_alpha.deb
          Size/MD5 checksum: 416502 97032e2a8ad790a2b760a49ac39871f2

      ARM architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.0b25-1.1_arm.deb
          Size/MD5 checksum: 150356 d3bf5bcce7068ccec8c5e246f6cc9491

      Intel IA-32 architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.0b25-1.1_i386.deb
          Size/MD5 checksum: 145048 987bb3659b98eb4dc7e020afd58c24ac

      Motorola 680x0 architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.0b25-1.1_m68k.deb
          Size/MD5 checksum: 141910 cbe0d66a017f5ab47b6318c7a40a02b6

      PowerPC architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.0b25-1.1_powerpc.deb
          Size/MD5 checksum: 156548 5cda5263360e4f39d8b82e47843039e3

      Sun Sparc architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.0b25-1.1_sparc.deb
          Size/MD5 checksum: 175610 3dec97942bb30b61eff8c748577bc473

    Debian GNU/Linux 3.0 alias woody
    - --------------------------------

      Source archives:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0.dsc
          Size/MD5 checksum: 606 e335b50b6f796c6e4808084840560bee
        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0.diff.gz
          Size/MD5 checksum: 13146 106aba184df6afb95733bfe24da073fc
        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3.orig.tar.gz
          Size/MD5 checksum: 723942 f1bea3df4b34e58e2f6318f2ed3f9770

      Alpha architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0_alpha.deb
          Size/MD5 checksum: 212258 8bad85e95bfa8f47e967a29a7b0a9f85

      ARM architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0_arm.deb
          Size/MD5 checksum: 187986 0583077e67b953f71de182ff42547bbe

      Intel IA-32 architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0_i386.deb
          Size/MD5 checksum: 179114 aeb01e13233b078e4ad7266d5b5d5860

      Intel IA-64 architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0_ia64.deb
          Size/MD5 checksum: 243654 a11258231578df4f2cbd906792990fca

      HP Precision architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0_hppa.deb
          Size/MD5 checksum: 203300 b7a96e5819c87be6c970c815c141b5ee

      Motorola 680x0 architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0_m68k.deb
          Size/MD5 checksum: 171634 ac39ecc46835d711321b42041d5e967d

      Big endian MIPS architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0_mips.deb
          Size/MD5 checksum: 200810 2f389f8858d479e523a41e45308c201c

      Little endian MIPS architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0_mipsel.deb
          Size/MD5 checksum: 199906 6d4db8dd21081d4b27c6ce1331476cb0

      PowerPC architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0_powerpc.deb
          Size/MD5 checksum: 193648 cb233bbc6cb8064f59c1dc6ef56539dd

      IBM S/390 architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0_s390.deb
          Size/MD5 checksum: 188614 68b89720900812d551c760b61af04daf

      Sun Sparc architecture:

        http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.1.3-2.0_sparc.deb
          Size/MD5 checksum: 194596 103964dcf3a82f8d1df4d5afe9edecc9

      These files will probably be moved into the stable distribution on
      its next revision.

    - ---------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: debian-security-announcelists.debian.org
    Package info: `apt-cache show <pkg>' and http://packages.debian.org/>

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.1 (GNU/Linux)

    iD8DBQE+SP5iW5ql+IAeqTIRAp9zAJwLorGflAb4CMc62KV08lswcLY0VQCfUwYn
    KvskQazESv9XsRacU+oAuYA=
    =nwsx
    -----END PGP SIGNATURE-----

    -- 
    To UNSUBSCRIBE, email to debian-security-announce-requestlists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmasterlists.debian.org