Your message dated Wed, 08 Dec 2010 07:47:15 +0000
with message-id <[email protected]>
and subject line Bug#605092: fixed in collectd 4.10.1-2.1
has caused the Debian Bug report #605092,
regarding Denial of Service vulnerability in the RRDtool and RRDCacheD plugins.
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
605092: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605092
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: collectd
Version: 4.4.2-3
Severity: important
Tags: patch, security, upstream, fixed-upstream
When creating a new RRD file, the RRDtool and RRDCacheD plugins
assert(3) that the timestamp included with a value is greater than 10
(i.e. after January 1st, 1970, 00:00:10 UTC). However, this condition is
not actually checked anywhere, making it possible for this assertion to
fail.
In the common scenario that data is received via the Network plugin and
written to disk via the RRDtool or RRDCacheD plugin, it is easily
possible to trigger this problem by sending a specifically crafted
Network packet. If the Network plugin is configured with the "Sign" or
"Encrypt" "security levels", an attacker needs to know the pre-shared
key to trigger the problem. Other plugins, for example the UnixSock and
Exec plugins, can be used to trigger the problem as well. However,
access to these mechanisms is usually not available to the general
public.
The existence of this problem has only been verified in version
4.10.1-1+squeeze1~bpo50+1 of the package, but the offending code first
appeared in version 4.0.8 of collectd (commit 9d52ed5f). It is therefore
safe to assume that all versions since 4.0.8 are vulnerable, including
version 4.4.2-3 included in Debian Lenny.
The issue has been fixed upstream in commit 11893a7c. The fix is
included in the new upstream versions 4.9.4 and 4.10.2. Porting the fix
back to 4.10.1-1+squeeze1 should be trivial.
Regards,
—octo
[0] <http://git.verplant.org/?p=collectd.git;a=commitdiff;h=11893a7c85389e6d8a07d1ee8473294767c7ccb9>
--
Florian octo Forster
Hacker in training
GnuPG: 0x0C705A15
http://octo.it/
--- End Message ---
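The check the report says is missing, as an added example that is not collectd's own code: a simplified model in which the RRD file-creation path guards the timestamp with a plain assert (the pattern the report describes) next to a version that validates it explicitly and drops the value. Only the "timestamp must be greater than 10" rule and the plugin name come from the report; the `value_list_t` fields and all function names are assumptions.

```c
/* Added example (not collectd's own code): a simplified model of the
 * timestamp check the report says is missing. Only the "time > 10" rule
 * comes from the report; the struct and function names are assumptions. */
#include <assert.h>
#include <errno.h>
#include <stdio.h>
#include <time.h>

/* Stand-in for collectd's value list (assumption: only the fields used). */
typedef struct {
    time_t time;          /* timestamp received with the value */
    const char *host;
    const char *plugin;
} value_list_t;

/* Before: an assert() is the only guard. With assertions enabled, a value
 * whose timestamp is <= 10 aborts the whole daemon (the DoS in the report). */
int rrd_create_unchecked(const value_list_t *vl)
{
    assert(vl->time > 10);
    return 0;
}

/* After: check the invariant explicitly and fail closed with an error,
 * so one bad value is logged and dropped while the daemon keeps running. */
int rrd_create_checked(const value_list_t *vl)
{
    if (vl->time <= 10) {
        fprintf(stderr, "rrdtool plugin: %s/%s: invalid timestamp %ld, "
                "value dropped\n", vl->host, vl->plugin, (long) vl->time);
        return -EINVAL;
    }
    return 0;
}

/* Push a batch of received values through the checked path; returns how
 * many were accepted and reports how many were rejected. Untrusted input
 * (e.g. from the Network plugin) must take this path before any file I/O. */
size_t write_batch(const value_list_t *vls, size_t n, size_t *rejected)
{
    size_t ok = 0;
    *rejected = 0;
    for (size_t i = 0; i < n; i++) {
        if (rrd_create_checked(&vls[i]) == 0)
            ok++;
        else
            (*rejected)++;
    }
    return ok;
}
```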
--- Begin Message ---
Source: collectd
Source-Version: 4.10.1-2.1
We believe that the bug you reported is fixed in the latest version of
collectd, which is due to be installed in the Debian FTP archive:
collectd-core_4.10.1-2.1_amd64.deb
to main/c/collectd/collectd-core_4.10.1-2.1_amd64.deb
collectd-dbg_4.10.1-2.1_amd64.deb
to main/c/collectd/collectd-dbg_4.10.1-2.1_amd64.deb
collectd-dev_4.10.1-2.1_all.deb
to main/c/collectd/collectd-dev_4.10.1-2.1_all.deb
collectd-utils_4.10.1-2.1_amd64.deb
to main/c/collectd/collectd-utils_4.10.1-2.1_amd64.deb
collectd_4.10.1-2.1.diff.gz
to main/c/collectd/collectd_4.10.1-2.1.diff.gz
collectd_4.10.1-2.1.dsc
to main/c/collectd/collectd_4.10.1-2.1.dsc
collectd_4.10.1-2.1_amd64.deb
to main/c/collectd/collectd_4.10.1-2.1_amd64.deb
libcollectdclient-dev_4.10.1-2.1_amd64.deb
to main/c/collectd/libcollectdclient-dev_4.10.1-2.1_amd64.deb
libcollectdclient0_4.10.1-2.1_amd64.deb
to main/c/collectd/libcollectdclient0_4.10.1-2.1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Steffen Joeris <[email protected]> (supplier of updated collectd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
Format: 1.8
Date: Wed, 08 Dec 2010 17:45:50 +1100
Source: collectd
Binary: collectd-core collectd collectd-utils collectd-dbg collectd-dev libcollectdclient-dev libcollectdclient0
Architecture: source amd64 all
Version: 4.10.1-2.1
Distribution: unstable
Urgency: high
Maintainer: Sebastian Harl <[email protected]>
Changed-By: Steffen Joeris <[email protected]>
Description:
collectd - statistics collection and monitoring daemon
collectd-core - statistics collection and monitoring daemon (core system)
collectd-dbg - statistics collection and monitoring daemon (debugging symbols)
collectd-dev - statistics collection and monitoring daemon (development files)
collectd-utils - statistics collection and monitoring daemon (utilities)
libcollectdclient-dev - client library for collectd's control interface (development files)
libcollectdclient0 - client library for collectd's control interface
Closes: 605092
Changes:
collectd (4.10.1-2.1) unstable; urgency=high
.
* Non-maintainer upload by the security team
* Fix DoS in RRD file creation (Closes: #605092)
Fixes: CVE-2010-4336
Thanks to Florian Forster
--- End Message ---