Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Security Update: [CSSA-2003-001.0] Linux: fetchmail at-sign buffer overflow vuln

Security Update: [CSSA-2003-001.0] Linux: fetchmail at-sign buffer overflow vuln

by Nikola Strahija on January 10th, 2003 Heap-based buffer overflow in fetchmail does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses.


Subject: Linux: fetchmail at-sign buffer overflow vulnerability
Advisory number: CSSA-2003-001.0
Issue date: 2003 January 09
Cross reference:
______________________________________________________________________________


1. Problem Description

Heap-based buffer overflow in fetchmail does not account for the
"@" character when determining buffer lengths for local addresses,
which allows remote attackers to execute arbitrary code via a
header with a large number of local addresses.


2. Vulnerable Supported Versions

System Package
----------------------------------------------------------------------

OpenLinux 3.1.1 Server prior to fetchmail-6.1.0-4.i386.rpm

OpenLinux 3.1.1 Workstation prior to fetchmail-6.1.0-4.i386.rpm

OpenLinux 3.1 Server prior to fetchmail-6.1.0-4.i386.rpm

OpenLinux 3.1 Workstation prior to fetchmail-6.1.0-4.i386.rpm


3. Solution

The proper solution is to install the latest packages. Many
customers find it easier to use the Caldera System Updater, called
cupdate (or kcupdate under the KDE environment), to update these
packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

4.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-001.0/RPMS

4.2 Packages

6035679560eb91ad57ec143469744f6f fetchmail-6.1.0-4.i386.rpm

4.3 Installation

rpm -Fvh fetchmail-6.1.0-4.i386.rpm

4.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-001.0/SRPMS

4.5 Source Packages

8324bf38216402b13657e3a137c04f52 fetchmail-6.1.0-4.src.rpm


5. OpenLinux 3.1.1 Workstation

5.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-001.0/RPMS

5.2 Packages

f1205c6cfa4d5a2205eb5596fc3b3efd fetchmail-6.1.0-4.i386.rpm

5.3 Installation

rpm -Fvh fetchmail-6.1.0-4.i386.rpm

5.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-001.0/SRPMS

5.5 Source Packages

6bbd2ab3ca320deb7e6bb6255f02c0ee fetchmail-6.1.0-4.src.rpm


6. OpenLinux 3.1 Server

6.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-001.0/RPMS

6.2 Packages

f889dbefab6282e17225e98cc8ee9f85 fetchmail-6.1.0-4.i386.rpm

6.3 Installation

rpm -Fvh fetchmail-6.1.0-4.i386.rpm

6.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-001.0/SRPMS

6.5 Source Packages

c86a332f4ad72cdd118c111167634c58 fetchmail-6.1.0-4.src.rpm


7. OpenLinux 3.1 Workstation

7.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-001.0/RPMS

7.2 Packages

ed4c33e63e1c430202125ab1f9e9e94c fetchmail-6.1.0-4.i386.rpm

7.3 Installation

rpm -Fvh fetchmail-6.1.0-4.i386.rpm

7.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-001.0/SRPMS

7.5 Source Packages

1cb257a1a13481b518fa3ef0016cef4c fetchmail-6.1.0-4.src.rpm


8. References

Specific references for this advisory:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1365
http://security.e-matters.de/advisories/052002.html

SCO security resources:

http://www.sco.com/support/security/index.html

This security fix closes SCO incidents sr872719, fz526873,
erg712185.


9. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.


10. Acknowledgements

Stefan Esser discovered and researched
this vulnerability.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »