Debian Security Advisory
DSA-148-1 hylafax -- buffer overflow and format string vulnerabilities
- Date reported:
- 12 Aug 2002
- Affected packages:
- hylafax
- Vulnerable:
- Yes
- Security database references:
- In the Bugtraq database (at SecurityFocus): BugTraq ID 3357, BugTraq ID 5349, BugTraq ID 5348.
- In Mitre's CVE dictionary: CVE-2002-1049, CVE-2002-1050, CVE-2001-1034.
- More information:
A number of problems have been addressed in HylaFAX, a flexible client/server fax package shipped with many GNU/Linux distributions. A quote from SecurityFocus describes the problems in more detail:
- A format string vulnerability potentially allows users to execute arbitrary code on some systems. Due to insufficient checking of input, it is possible to carry out a format string attack. Since this only affects systems where the faxrm and faxalter programs are installed setuid, Debian is not vulnerable.
- A buffer overflow in HylaFAX has been reported. A malicious fax transmission can contain a long scan line that overflows a memory buffer, corrupting adjacent memory. Exploitation may result in a denial of service, or possibly in execution of arbitrary code with root privileges.
- A format string vulnerability has been discovered in faxgetty. Incoming fax messages contain a Transmitting Subscriber Identification (TSI) string, which is used to identify the sending fax machine. HylaFAX uses this data as part of a format string without adequately sanitising the input. Malicious fax data can cause the server to crash, resulting in a denial of service.
- Marcin Dawcewicz discovered a format string vulnerability in hfaxd, which causes hfaxd to crash under certain conditions. Since Debian does not install hfaxd setuid root, this problem cannot directly lead to a vulnerability. It has been fixed by Darren Nickerson and is already present in newer versions, but not in the one in potato.
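The TSI format string item and the scan-line overflow item above describe two classic input-handling defects in a daemon that parses data from a remote fax machine. The following C block is an added illustration written for this page, not HylaFAX's own code: it shows the hardened pattern (untrusted data passed as an argument, never as the format), a bounded sanitiser for the TSI, a detection heuristic a log monitor could apply to station IDs, and a length-checked scan-line copy that rejects oversized input instead of overwriting adjacent memory. The TSI_MAX value of 20, the function names and the sample inputs are assumptions made for this example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumption for this example: a TSI is at most 20 characters.
 * The value is not taken from the advisory. */
#define TSI_MAX 20

/* The defect class described in the advisory looks like this:
 *
 *     snprintf(buf, sizeof buf, tsi);   // tsi comes from the remote fax
 *
 * Any '%' directive in the sender-supplied string is interpreted by
 * printf, so the remote side controls what the daemon reads and writes.
 * The functions below show the hardened handling; the unsafe form above
 * is never called. */

/* Hardened logging: untrusted data is always an argument, never the format. */
int log_tsi_safe(char *out, size_t outlen, const char *tsi) {
    return snprintf(out, outlen, "TSI: %s", tsi);
}

/* Copy the TSI into a bounded buffer, dropping non-printable bytes and
 * truncating to TSI_MAX. Returns the number of characters written. */
size_t sanitize_tsi(const char *in, char *out, size_t outlen) {
    size_t n = 0;
    if (outlen == 0) return 0;
    for (const char *p = in; *p != '\0'; p++) {
        if (!isprint((unsigned char)*p)) continue;   /* strip control bytes */
        if (n >= TSI_MAX || n + 1 >= outlen) break;  /* respect both limits */
        out[n++] = *p;
    }
    out[n] = '\0';
    return n;
}

/* Detection heuristic for logs or IDS rules: count '%' conversions in a TSI.
 * A legitimate station ID has no reason to carry printf directives; "%%"
 * (a literal percent sign) is not counted. */
int tsi_format_directives(const char *s) {
    int count = 0;
    for (; *s != '\0'; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        count++;
    }
    return count;
}

/* Bounded copy of a received scan line. Returns the bytes copied, or -1 if
 * the line is longer than the destination buffer (the overflow condition the
 * advisory describes) so the caller can reject the page instead of
 * corrupting memory. */
int copy_scanline(unsigned char *dst, size_t dstlen,
                  const unsigned char *src, size_t srclen) {
    if (srclen > dstlen) return -1;
    memcpy(dst, src, srclen);
    return (int)srclen;
}

int main(void) {
    /* Constructed sample: a TSI carrying printf directives and a control byte. */
    const char *hostile = "+45 12%n\x01 3456";
    char clean[TSI_MAX + 1];
    char line[64];
    unsigned char page[8];
    unsigned char scan[10] = {0};

    sanitize_tsi(hostile, clean, sizeof clean);
    log_tsi_safe(line, sizeof line, clean);
    printf("%s (directives: %d)\n", line, tsi_format_directives(clean));
    printf("scan line of 10 bytes into 8 -> %d\n",
           copy_scanline(page, sizeof page, scan, 10));
    return 0;
}
```

The sanitiser deliberately keeps the '%' characters: once the string is never used as a format, they are harmless, and leaving them intact lets `tsi_format_directives` flag the suspicious station ID in the log for an operator to review.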
These problems have been fixed in version 4.0.2-14.3 for the old stable distribution (potato), in version 4.1.1-1.1 for the current stable distribution (woody) and in version 4.1.2-2.1 for the unstable distribution (sid).
We recommend that you upgrade your hylafax packages.
- Fixed in:
Debian GNU/Linux 2.2 (potato)
- Source:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.0.2-14.3.dsc
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.0.2-14.3.diff.gz
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.0.2.orig.tar.gz
- Architecture-independent component:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-doc_4.0.2-14.3_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.0.2-14.3_alpha.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.0.2-14.3_alpha.deb
- ARM:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.0.2-14.3_arm.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.0.2-14.3_arm.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.0.2-14.3_i386.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.0.2-14.3_i386.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.0.2-14.3_m68k.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.0.2-14.3_m68k.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.0.2-14.3_powerpc.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.0.2-14.3_powerpc.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.0.2-14.3_sparc.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.0.2-14.3_sparc.deb
Debian GNU/Linux 3.0 (woody)
- Source:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1-1.1.dsc
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1-1.1.diff.gz
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1.orig.tar.gz
- Architecture-independent component:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-doc_4.1.1-1.1_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-1.1_alpha.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-1.1_alpha.deb
- ARM:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-1.1_arm.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-1.1_arm.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-1.1_i386.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-1.1_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-1.1_ia64.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-1.1_ia64.deb
- HP Precision:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-1.1_hppa.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-1.1_hppa.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-1.1_m68k.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-1.1_m68k.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-1.1_powerpc.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-1.1_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-1.1_s390.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-1.1_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-1.1_sparc.deb
- http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-1.1_sparc.deb
MD5 checksums of the listed files are available in the original security advisory.