Your message dated Thu, 16 Dec 2010 01:54:56 +0000
with message-id <[email protected]>
and subject line Bug#605092: fixed in collectd 4.4.2-3+lenny1
has caused the Debian Bug report #605092,
regarding Denial of Service vulnerability in the RRDtool and RRDCacheD plugins.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
605092: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605092
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: collectd
Version: 4.4.2-3
Severity: important
Tags: patch, security, upstream, fixed-upstream

When creating a new RRD file, the RRDtool and RRDCacheD plugins
assert(3) that the timestamp included with a value is greater than 10
(i.e. after January 1st, 1970, 00:00:10 UTC). However, this condition is
not actually checked anywhere, making it possible for this assertion to
fail.

In the common scenario that data is received via the Network plugin and
written to disk via the RRDtool or RRDCacheD plugin, it is easily
possible to trigger this problem by sending a specifically crafted
Network packet. If the Network plugin is configured with the "Sign" or
"Encrypt" "security levels", an attacker needs to know the pre-shared
key to trigger the problem. Other plugins, for example the UnixSock and
Exec plugins, can be used to trigger the problem as well. However,
access to these mechanisms is usually not available to the general
public.

The existence of this problem has only been verified in version
4.10.1-1+squeeze1~bpo50+1 of the package, but the offending code first
appeared in version 4.0.8 of collectd (commit 9d52ed5f). It is therefore
safe to assume that all versions since 4.0.8 are vulnerable, including
version 4.4.2-3 included in Debian Lenny.

The issue has been fixed upstream in commit 11893a7c. The fix is
included in the new upstream versions 4.9.4 and 4.10.2. Porting the fix
back to 4.10.1-1+squeeze1 should be trivial.

Regards,
—octo

[0] <http://git.verplant.org/?p=collectd.git;a=commitdiff;h=11893a7c85389e6d8a07d1ee8473294767c7ccb9>
-- 
Florian octo Forster
Hacker in training
GnuPG: 0x0C705A15
http://octo.it/



--- End Message ---
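The report above describes a precondition that exists only as an assert(3): a value list whose timestamp is not greater than 10 aborts the daemon. The following is an added illustration, not collectd's own code and not the upstream fix, contrasting that shape with an input-validation check that rejects the value list instead; the value_list_t struct and function names are simplified assumptions.

```c
#include <assert.h>
#include <errno.h>
#include <stdio.h>
#include <time.h>

/* Stand-in for the two value_list_t fields that matter here (an assumption). */
typedef struct {
    time_t time;          /* timestamp sent along with the value */
    const char *plugin;   /* originating plugin, for the log line */
} value_list_t;

/* Pre-fix shape: the precondition lives only in an assert(3), so any value
 * list with time <= 10 that reaches this point aborts the whole daemon. */
static int rrd_create_unchecked(const value_list_t *vl) {
    assert(vl->time > 10);
    return 0;
}

/* Hardened shape: treat the timestamp as untrusted input, log and return an
 * error for anything not after 1970-01-01 00:00:10 UTC, never abort. */
static int rrd_create_checked(const value_list_t *vl) {
    if (vl->time <= 10) {
        fprintf(stderr, "rrdtool plugin: %s: timestamp %lld is not after "
                "1970-01-01 00:00:10 UTC; dropping value list\n",
                vl->plugin, (long long)vl->time);
        return -EINVAL;
    }
    return 0;
}

/* Run a batch through the checked path and report how many were dropped. */
static int count_rejected(const value_list_t *vls, size_t n) {
    int rejected = 0;
    for (size_t i = 0; i < n; i++)
        if (rrd_create_checked(&vls[i]) != 0)
            rejected++;
    return rejected;
}

int main(void) {
    /* Constructed sample: the first three entries would trip the assert. */
    const value_list_t sample[] = {
        { 0, "network" }, { 5, "unixsock" }, { 10, "exec" },
        { 11, "network" }, { 1292464496, "cpu" },
    };
    printf("rejected %d of 5 value lists\n", count_rejected(sample, 5));
    (void)rrd_create_unchecked; /* referenced only to show the pre-fix shape */
    return 0;
}
```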
--- Begin Message ---
Source: collectd
Source-Version: 4.4.2-3+lenny1

We believe that the bug you reported is fixed in the latest version of
collectd, which is due to be installed in the Debian FTP archive:

collectd-dbg_4.4.2-3+lenny1_amd64.deb
  to main/c/collectd/collectd-dbg_4.4.2-3+lenny1_amd64.deb
collectd-dev_4.4.2-3+lenny1_all.deb
  to main/c/collectd/collectd-dev_4.4.2-3+lenny1_all.deb
collectd_4.4.2-3+lenny1.diff.gz
  to main/c/collectd/collectd_4.4.2-3+lenny1.diff.gz
collectd_4.4.2-3+lenny1.dsc
  to main/c/collectd/collectd_4.4.2-3+lenny1.dsc
collectd_4.4.2-3+lenny1_amd64.deb
  to main/c/collectd/collectd_4.4.2-3+lenny1_amd64.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steffen Joeris <[email protected]> (supplier of updated collectd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


Format: 1.8
Date: Wed, 08 Dec 2010 18:03:20 +1100
Source: collectd
Binary: collectd collectd-dbg collectd-dev
Architecture: source amd64 all
Version: 4.4.2-3+lenny1
Distribution: stable-security
Urgency: high
Maintainer: Sebastian Harl <[email protected]>
Changed-By: Steffen Joeris <[email protected]>
Description: 
 collectd   - statistics collection and monitoring daemon
 collectd-dbg - statistics collection and monitoring daemon (debugging symbols)
 collectd-dev - statistics collection and monitoring daemon (development files)
Closes: 605092
Changes: 
 collectd (4.4.2-3+lenny1) stable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * Fix DoS in RRD file creation (Closes: #605092)
     Fixes: CVE-2010-4336
     Thanks to Florian Forster




--- End Message ---
