Results 1 to 6 of 6

Thread: Red Hat Security Advisory

  1. #1
    System_Overload
    Guest

    Exclamation Red Hat Security Advisory

    Red Hat, Inc. Red Hat Security Advisory

    Synopsis: Buffer overflow in UW imap daemon
    Advisory ID: RHSA-2002:092-11
    Issue date: 2002-05-16
    Updated on: 2002-05-22
    Product: Red Hat Linux
    Keywords: UW imap buffer overflow wu-imap uw-imap
    Cross references:
    Obsoletes: RHBA-2001:120
    CVE Names: CAN-2002-0379


    1. Topic:


    The UW imap daemon contains a buffer overflow which allows a
    logged in, remote user to execute commands on the server
    with the user's UID/GID.


    2. Relevant releases/architectures:


    Red Hat Linux 6.2 - alpha, i386, sparc


    Red Hat Linux 7.0 - alpha, i386


    Red Hat Linux 7.1 - alpha, i386, ia64


    Red Hat Linux 7.2 - i386, ia64


    3. Problem description:


    UW imapd is an IMAP daemon from the University of Washington. Version
    2000c and previous versions have a bug that allows a malicious user to
    construct a malformed request which overflows an internal buffer, enabling
    that user to execute commands on the server with the user's UID/GID.


    To exploit this problem the user has to have successfully authenticated to
    the imapd service. Therefore, this vulnerability mainly affects free email
    providers or mail servers where the user has no shell access to the system.
    On other systems, in which the user already has shell access, users can
    already run commands under their own UIDs/GIDs.


    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2002-0379 to this issue.


    Users of imapd are advised to upgrade to these errata packages containing
    version 2001a of imapd. They are not vulnerable to this issue.


    4. Solution:


    Before applying this update, make sure all previously released errata
    relevant to your system have been applied.


    To update all RPMs for your particular architecture, run:


    rpm -Fvh [filenames]


    where [filenames] is a list of the RPMs you wish to upgrade. Only those
    RPMs which are currently installed will be updated. Those RPMs which are
    not installed but included in the list will not be updated. Note that you
    can also use wildcards (*.rpm) if your current directory *only* contains the
    desired RPMs.


    Please note that this update is also available via Red Hat Network. Many
    people find this an easier way to apply updates. To use Red Hat Network,
    launch the Red Hat Update Agent with the following command:


    up2date


    This will start an interactive process that will result in the appropriate
    RPMs being upgraded on your system.


    5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):




    6. RPMs required:


    Red Hat Linux 6.2:


    SRPMS:
    ftp://updates.redhat.com/6.2/en/os/S...1.62.0.src.rpm


    alpha:
    ftp://updates.redhat.com/6.2/en/os/a...62.0.alpha.rpm
    ftp://updates.redhat.com/6.2/en/os/a...62.0.alpha.rpm


    i386:
    ftp://updates.redhat.com/6.2/en/os/i....62.0.i386.rpm
    ftp://updates.redhat.com/6.2/en/os/i....62.0.i386.rpm


    sparc:
    ftp://updates.redhat.com/6.2/en/os/s...62.0.sparc.rpm
    ftp://updates.redhat.com/6.2/en/os/s...62.0.sparc.rpm


    Red Hat Linux 7.0:


    SRPMS:
    ftp://updates.redhat.com/7.0/en/os/S...1.70.0.src.rpm


    alpha:
    ftp://updates.redhat.com/7.0/en/os/a...70.0.alpha.rpm
    ftp://updates.redhat.com/7.0/en/os/a...70.0.alpha.rpm


    i386:
    ftp://updates.redhat.com/7.0/en/os/i....70.0.i386.rpm
    ftp://updates.redhat.com/7.0/en/os/i....70.0.i386.rpm


    Red Hat Linux 7.1:


    SRPMS:
    ftp://updates.redhat.com/7.1/en/os/S...1.71.0.src.rpm


    alpha:
    ftp://updates.redhat.com/7.1/en/os/a...71.0.alpha.rpm
    ftp://updates.redhat.com/7.1/en/os/a...71.0.alpha.rpm


    i386:
    ftp://updates.redhat.com/7.1/en/os/i....71.0.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i....71.0.i386.rpm


    ia64:
    ftp://updates.redhat.com/7.1/en/os/i....71.0.ia64.rpm
    ftp://updates.redhat.com/7.1/en/os/i....71.0.ia64.rpm


    Red Hat Linux 7.2:


    SRPMS:
    ftp://updates.redhat.com/7.2/en/os/S...1.72.0.src.rpm


    i386:
    ftp://updates.redhat.com/7.2/en/os/i....72.0.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i....72.0.i386.rpm


    ia64:
    ftp://updates.redhat.com/7.2/en/os/i....72.0.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/i....72.0.ia64.rpm




    7. Verification:


    MD5 sum Package Name
    --------------------------------------------------------------------------
    ec7794a80981a579ded00e27a416e9e2 6.2/en/os/SRPMS/imap-2001a-1.62.0.src.rpm
    98c89c190f6276474917b51112d43b60 6.2/en/os/alpha/imap-2001a-1.62.0.alpha.rpm
    62e846b2c6dbe71ecd64063a8ddef179 6.2/en/os/alpha/imap-devel-2001a-1.62.0.alpha.rpm
    105073a5d5d9cca998c16c4784432612 6.2/en/os/i386/imap-2001a-1.62.0.i386.rpm
    18307141223c8214a996fc779fc4b30f 6.2/en/os/i386/imap-devel-2001a-1.62.0.i386.rpm
    c11e86178eac2def6c7f2680d72d4362 6.2/en/os/sparc/imap-2001a-1.62.0.sparc.rpm
    0e82318b401d12f641e74afaac29b26a 6.2/en/os/sparc/imap-devel-2001a-1.62.0.sparc.rpm
    c99646d934c056062269927d68c083cb 7.0/en/os/SRPMS/imap-2001a-1.70.0.src.rpm
    c1a44a312e0ff6ddce84ab9fce8661ce 7.0/en/os/alpha/imap-2001a-1.70.0.alpha.rpm
    01240d7f239848f76671135932745480 7.0/en/os/alpha/imap-devel-2001a-1.70.0.alpha.rpm
    6f775661a7cf3320fed6954bb6fc5319 7.0/en/os/i386/imap-2001a-1.70.0.i386.rpm
    e3ee6086addf447fc7cdf257f0489d1a 7.0/en/os/i386/imap-devel-2001a-1.70.0.i386.rpm
    924b63ae2c8029355a08b3001d59cbb5 7.1/en/os/SRPMS/imap-2001a-1.71.0.src.rpm
    e3acdfb3224d30c75e9971655de7a4e1 7.1/en/os/alpha/imap-2001a-1.71.0.alpha.rpm
    9b2e89d31f7bcbb95c674972d64e8813 7.1/en/os/alpha/imap-devel-2001a-1.71.0.alpha.rpm
    dd5d21b6e461813bdeddc16a6b41b285 7.1/en/os/i386/imap-2001a-1.71.0.i386.rpm
    2d3140dfe10396bd20d04bd79b57f647 7.1/en/os/i386/imap-devel-2001a-1.71.0.i386.rpm
    5649a1d3c1d8d950c5a0272ba65faec5 7.1/en/os/ia64/imap-2001a-1.71.0.ia64.rpm
    7232061442f47e063a193d8982d12f52 7.1/en/os/ia64/imap-devel-2001a-1.71.0.ia64.rpm
    ee249743bacd07adf36b355c78066f73 7.2/en/os/SRPMS/imap-2001a-1.72.0.src.rpm
    d2d9a10cb6c8faed062da4f21d8fb7e5 7.2/en/os/i386/imap-2001a-1.72.0.i386.rpm
    21feec5a469ff71e706173199ffc3856 7.2/en/os/i386/imap-devel-2001a-1.72.0.i386.rpm
    0247d2d090596fe2b892dd6768036d7c 7.2/en/os/ia64/imap-2001a-1.72.0.ia64.rpm
    456511a67ebda4e8a73af782388a97ab 7.2/en/os/ia64/imap-devel-2001a-1.72.0.ia64.rpm



    These packages are GPG signed by Red Hat, Inc. for security. Our key
    is available at:
    http://www.redhat.com/about/contact/pgpkey.html


    You can verify each package with the following command:
    rpm --checksig <filename>


    If you only wish to verify that each package has not been corrupted or
    tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg <filename>


    8. References:


    http://marc.theaimsgroup.com/?l=bugt...02107222100529
    http://cve.mitre.org/cgi-bin/cvename...=CAN-2002-0379




    Copyright(c) 2000, 2001, 2002 Red Hat, Inc.


    System_0verload

  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    110
    i don't suppose many people would be using this one, or IMAP for that matter.

    has anyone here actually used an ISP or other provider that uses IMAP for its mail servers?

    * better check though, my work uses it. *

    regards,
    mark.
    \'hi, welcome to *****. if you would like to speak to an operator, please hang up now.\'
    * click *

  3. #3
    Senior Member
    Join Date
    Oct 2001
    Posts
    638
    This affects Slackware 7.1 as well as Redhat 7.2 versions of IMAP4. Check out the exploit here. Get the patches here.

    i don't suppose many people would be using this one, or IMAP for that matter.

    has anyone here actually used an ISP or other provider that uses IMAP for its mail servers?
    Huh? Quite a few ISP's and mail providers use IMAP.
    OpenBSD - The proactively secure operating system.

  4. #4
    Senior Member
    Join Date
    Oct 2001
    Posts
    638
    This affects Slackware 7.1 as well as Redhat 7.2 versions of IMAP4. Check out the exploit here. Get the patches here.

    i don't suppose many people would be using this one, or IMAP for that matter.

    has anyone here actually used an ISP or other provider that uses IMAP for its mail servers?
    Huh? Quite a few ISP's and mail providers use IMAP.
    OpenBSD - The proactively secure operating system.

  5. #5
    Thansk for thats info well aproved Thanks for links Smirc

  6. #6
    Thansk for thats info well aproved Thanks for links Smirc

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •