[Full-Disclosure] SUSE Security Announcement: squid (SUSE-SA:2005:006)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:squid Announcement-ID:SUSE-SA:2005:006 Date: Thursday, Feb 10th 2005 13:30 MET Affected products: 8.1, 8.2, 9.0, 9.1, 9.2 SUSE Linux Enterprise Server 8, 9 Vulnerability Type: remote command execution Severity (1-10):8 SUSE default package: no Cross References: CAN-2005-0094 CAN-2005-0095 CAN-2005-0096 CAN-2005-0097 CAN-2005-0173 CAN-2005-0174 CAN-2005-0175 CAN-2005-0211 CAN-2005-0241 Content of this advisory: 1) security vulnerability resolved: + buffer overflow in gopher parser + integer overflow in WCCP handling code + memory leak in the NTLM fakeauth_auth helper + denial-of-service in NTLM component + lax LDAP account name handling + cache poisoning by malformed HTTP packets + cache poisoning by splitted HTTP responses + buffer overflow in WCCP handling code + httpProcessReplyHeader function does not properly set the debug context problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: 6) standard appendix (further information) __ 1) problem description, brief discussion Squid is a feature-rich web-proxy with support for various web-related protocols. The last two squid updates from February the 1st and 10th fix several vulnerabilities. The impact of them range from remote denial-of-service over cache poisoning to possible remote command execution. Due to the hugh amount of bugs the vulnerabilities are just summarized here. CAN-2005-0094 A buffer overflow in the Gopher responses parser leads to memory corruption and usually crash squid. CAN-2005-0095 An integer overflow in the receiver of WCCP (Web Cache Communication Protocol) messages can be exploited remotely by sending a specially crafted UDP datagram to crash squid. CAN-2005-0096 A memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial-of-service due to uncontrolled memory consumption. CAN-2005-0097 The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a crash od squid by sending a malformed NTLM message. CAN-2005-0173 LDAP handles search filters very laxly. This behaviour can be abused to log in using several variants of a login name, possibly bypassing explicit access controls or confusing accounting. CAN-2005-0175 and CAN-2005-0174 Minor problems in the HTTP header parsing code that can be used for cache poisoning. CAN-2005-0211 A buffer overflow in the WCCP handling code in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial-of-service and possibly execute arbitrary code by using a long WCCP packet. CAN-2005-0241 The httpProcessReplyHeader function in Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling oversized HTTP reply headers. The impact is unknown. 2) solution/workaround There is no workaround known. 3) special instructions and notes Please make sure squid is restarted after the update. Execute 'rcsquid restart' as user root. 4) package location and checksums Download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered for installation from the maintenance web. x86 Platform: SUSE Linux 9.2:
[Full-Disclosure] SUSE Security Announcement: libtiff/tiff (SUSE-SA:2005:001)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:libtiff/tiff Announcement-ID:SUSE-SA:2005:001 Date: Monday, Jan 10th 2005 11:30 MET Affected products: 8.1, 8.2, 9.0, 9.1, 9.2 SUSE Linux Desktop 1.0 SUSE Linux Enterprise Server 8, 9 Novell Linux Desktop 9 Vulnerability Type: remote system compromise Severity (1-10):8 SUSE default package: yes Cross References: CAN-2004-1183 CAN-2004-1308 Content of this advisory: 1) security vulnerability resolved: - integer overflow - buffer overflow problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: 6) standard appendix (further information) __ 1) problem description, brief discussion Libtiff supports reading, writing, and manipulating of TIFF image files. iDEFENSE reported an integer overflow in libtiff that can be exploited by specific TIFF images to trigger a heap-based buffer overflow afterwards. This bug can be used by external attackers to execute arbitrary code over the network by placing special image files on web-pages and alike. Additionally a buffer overflow in tiffdump was fixed. 2) solution/workaround There is no workaround known. 3) special instructions and notes It is needed that all processes using libtiff are restarted. If you use GUI applications please close your X/GDM/KDM session(s) and log in again. 4) package location and checksums Download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered for installation from the maintenance web. x86 Platform: SUSE Linux 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/libtiff-3.6.1-47.4.i586.rpm 8d0c9a4295719b7b659d33b311932cce ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/libtiff-devel-3.6.1-47.4.i586.rpm bbdfe23b8390265f62c5e800551eca7d ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/tiff-3.6.1-47.4.i586.rpm 79d0b122103b619b795872ed70a7feaa patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/libtiff-3.6.1-47.4.i586.patch.rpm dd18c32e661a59dfda88e5318ecfb825 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/libtiff-devel-3.6.1-47.4.i586.patch.rpm a161f078c72920fde4f95f0f229e07fb ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/tiff-3.6.1-47.4.i586.patch.rpm b66e77ac565b37f9b980145a9442 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/tiff-3.6.1-47.4.src.rpm 953f00dd4f98223d270db6e2c662e370 SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libtiff-3.6.1-38.14.i586.rpm bc883989e3deeecbc0dfb47a9daa23ff ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/tiff-3.6.1-38.14.i586.rpm 46a598e4914836b7e4e90094625e1587 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libtiff-3.6.1-38.14.i586.patch.rpm ec8d13d5b0bb4bedb2796db800ec8821 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/tiff-3.6.1-38.14.i586.patch.rpm 8bfef59cd1946f889f9eb3b8f441e61a source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/tiff-3.6.1-38.14.src.rpm 59218891e1c096ee376aec6906dbbc1c SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libtiff-3.5.7-379.i586.rpm 339b3bbc318cc6298e07a65e82a1e07d ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/tiff-3.5.7-379.i586.rpm 6fe1432237f589dc73e348e1cdbc9068 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libtiff-3.5.7-379.i586.patch.rpm 867a5a98a2ac68071be51a2426992bd9 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/tiff-3.5.7-379.i586.patch.rpm a185bec3b9a4a79590561d2bd7d19243 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/tiff-3.5.7-379.src.rpm a4857a276db37e3a6d4fc6df2bebd230 SUSE Linux 8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libtiff-3.5.7-379.i586.rpm aab8d95cf757c5520830e0bed74e2d5f
[Full-Disclosure] SUSE Security Announcement: cyrus-imapd (SUSE-SA:2004:043)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:cyrus-imapd Announcement-ID:SUSE-SA:2004:043 Date: Friday, Dec 3rd 2004 13:00 MEST Affected products: 8.1, 8.2, 9.0, 9.1, 9.2 SUSE Linux Enterprise Server 8, 9 SuSE-Linux-Standard-Server 8 SuSE Linux Openexchange Server 4 Vulnerability Type: remote command execution Severity (1-10):5 SUSE default package: No Cross References: CAN-2004-1011 CAN-2004-1012 CAN-2004-1013 Content of this advisory: 1) security vulnerability resolved: - buffer overflow and out of bounds access in cyrus imapd problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - suidperl - putty 6) standard appendix (further information) __ 1) problem description, brief discussion Stefan Esser reported various bugs within the Cyrus IMAP Server. These include buffer overflows and out-of-bounds memory access which could allow remote attackers to execute arbitrary commands as root. The bugs occur in the pre-authentication phase, therefore an update is strongly recommended. 2) solution/workaround There is no temporary workaround except shutting down the IMAP server. 3) special instructions and notes After successfully updating the cyrus-imapd package you have to issue the following command as root: /sbin/rccyrus restart 4) package location and checksums Download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered for installation from the maintenance web. x86 Platform: SUSE Linux 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/cyrus-imapd-2.2.8-6.3.i586.rpm 563c7c359df3e4572c27bccd1c4962eb patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/cyrus-imapd-2.2.8-6.3.i586.patch.rpm ceee2a62831855a563c56a0d7be12a6d source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/cyrus-imapd-2.2.8-6.3.src.rpm c24904edebe628e9dab9b805af56359a SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cyrus-imapd-2.2.3-83.19.i586.rpm 53af4c594493abca71bd2789c6599019 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cyrus-imapd-2.2.3-83.19.i586.patch.rpm 2c596ce65de5d13c0ca14459e0462bd9 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/cyrus-imapd-2.2.3-83.19.src.rpm 015268204791fc27c128705b1a22ca37 SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cyrus-imapd-2.1.15-89.i586.rpm ed3c4bc9178eea7ad5a8a406d53a230d patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cyrus-imapd-2.1.15-89.i586.patch.rpm b1ddc189663da719ec5d55ea186b795b source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/cyrus-imapd-2.1.15-89.src.rpm 6692959f014ed63d0c83ca02632e456b SUSE Linux 8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cyrus-imapd-2.1.12-75.i586.rpm 09223533665db543be3e85b53b89b50a patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cyrus-imapd-2.1.12-75.i586.patch.rpm c4606d6b48577af54486c40fb35a31b9 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/cyrus-imapd-2.1.12-75.src.rpm beb341ef93888c1f1e3f6e6532109b0d SUSE Linux 8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cyrus-imapd-2.1.16-56.i586.rpm 2d5c5cc7de173ff8153544166a19533c patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cyrus-imapd-2.1.16-56.i586.patch.rpm 8d1cc9bea8f323c15b982dfc43df7b6c source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/cyrus-imapd-2.1.16-56.src.rpm bd1e20bd42974bbe9f8e3aee826a x86-64 Platform: SUSE Linux 9.2: ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/cyrus-imapd-2.2.8-6.3.x86_64.rpm 57bd598694d82f7f52af34659773d890 patch rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/cyrus-imapd-2.2.8-6.3.x86_64.patch.rpm
[Full-Disclosure] SUSE Security Announcement: xshared, XFree86-libs, xorg-x11-libs (SUSE-SA:2004:041)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:xshared, XFree86-libs, xorg-x11-libs Announcement-ID:SUSE-SA:2004:041 Date: Wednesday, Nov 17th 2004 15:00 MET Affected products: 8.1, 8.2, 9.0, 9.1, 9.2 SUSE Linux Desktop 1.0 SUSE Linux Enterprise Server 8, 9 Novell Linux Desktop 1.0 Vulnerability Type: remote system compromise Severity (1-10):8 SUSE default package: yes Cross References:none Content of this advisory: 1) security vulnerability resolved: - several integer overflows - out-of-bounds memory access - shell command execution - path traversal - endless loops - memory leaks problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - ImageMagick - clamav - perl-MIME-Tools, perl-Archive-ZIP - apache / mod_include - apache2 / mod_SSL 6) standard appendix (further information) __ 1) problem description, brief discussion The XPM library which is part of the XFree86/XOrg project is used by several GUI applications to process XPM image files. A source code review done by Thomas Biege of the SuSE Security-Team revealed several different kinds of bugs. The bug types are: - integer overflows - out-of-bounds memory access - shell command execution - path traversal - endless loops By providing a special image these bugs can be exploited by remote and/or local attackers to gain access to the system or to escalate their local privileges. 2) solution/workaround No workaround exists to protect against these bugs. 3) special instructions and notes Please restart the X server or switch to runlevel 3 and back to 5 to make sure every GUI application is restarted and uses the new library. 4) package location and checksums Download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered for installation from the maintenance web. Smalltalk is the only package using libxpm statically. It will be available via YOU too. x86 Platform: SUSE Linux 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm 395edf444f05b448aa7c7e70455333ce patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.patch.rpm 8d215ce255838120c70ba77ad944a84f source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/xorg-x11-6.8.1-15.3.src.rpm 3889aee5895035c57c716f370f5e414a SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/XFree86-libs-4.3.99.902-43.35.3.i586.rpm 89431783cd8261a970d6ec5484dd09e6 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/XFree86-libs-4.3.99.902-43.35.3.i586.patch.rpm 8ea579d10465143a2334be812f23561e source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/XFree86-4.3.99.902-43.35.3.src.rpm a37eaa7e7b99c5c3e61439f2a4b00b2d SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/XFree86-libs-4.3.0.1-57.i586.rpm a12b2e861f114868fd70997f72536c8b patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/XFree86-libs-4.3.0.1-57.i586.patch.rpm c6ea49a796b316aa68dacc51ffd8eb8d source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/XFree86-4.3.0.1-57.src.rpm f53026511a470b875b0f9a63c52128d3 SUSE Linux 8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/XFree86-libs-4.3.0-132.i586.rpm b918f14df14961cf89528a930f49d7c4 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/XFree86-libs-4.3.0-132.i586.patch.rpm 9c9c268bb248f1bcf2ef899ced2d5aa4 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/XFree86-4.3.0-132.src.rpm 9a7846ddf22d58f9f64704b3a2451640 SUSE Linux 8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/xshared-4.2.0-269.i586.rpm d4549acb039d8bf317bc6052598764c9 patch rpm(s
[Full-Disclosure] SUSE Security Announcement: xpdf, gpdf, kpdf, pdftohtml, cups (SUSE-SA:2004:039)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:xpdf, gpdf, kdegraphics3-pdf, pdftohtml, cups Announcement-ID:SUSE-SA:2004:039 Date: Tuesday, Oct 26th 2004 10:30 MEST Affected products: 8.1, 8.2, 9.0, 9.1, 9.2 SUSE Linux Enterprise Server 8, 9 SUSE Linux Desktop 1.0 Vulnerability Type: remote system compromise Severity (1-10):5 SUSE default package: yes Cross References: CAN-2004-0888 CAN-2004-0889 Content of this advisory: 1) security vulnerability resolved: - integer overflows - arithmetic errors problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - freeradius denial of service problems - mpg123 - squid 6) standard appendix (further information) __ 1) problem description, brief discussion Xpdf is a widely used fast PDF file viewer. Various other PDF viewer and PDF conversion tools use xpdf code to accomplish their tasks. Chris Evans found several integer overflows and arithmetic errors. Additionally Sebastian Krahmer from the SuSE Security-Team found similar bugs in xpdf 3. These bugs can be exploited by tricking an user to open a malformated PDF file. As a result the PDF viewer can be crashed or may be even code can be executed. 2) solution/workaround Due to the wide usage of xpdf-based code we do not recommend switching to another PDF viewer as a workaround. You have to install the updates. 3) special instructions and notes Please restart all running instances of xpdf, gpdf, kpdf, pdftohtml, cups after updating successfully. 4) package location and checksums Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Cups packages and all 9.2 packages will be available later. x86 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/pdftohtml-0.36-112.3.i586.rpm f17866987c9099ed8b0395d184adfffc ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/xpdf-3.00-64.21.i586.rpm d648d6e96013cc339dd424041f8bc973 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/gpdf-0.112.1-26.3.i586.rpm 16864a7b7652a3183f9f8cac034cf70e ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kdegraphics3-pdf-3.2.1-67.6.i586.rpm 8f09aa7927d9cdcfc52ab06e520b2441 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/pdftohtml-0.36-112.3.i586.patch.rpm 2d3da1271fc9e072186fca6aa1de8c5c ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/xpdf-3.00-64.21.i586.patch.rpm 093d0aaa7f4fbe24afc722057cbe334e ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/gpdf-0.112.1-26.3.i586.patch.rpm 3af8141ddfbdf558afdf4f2f8f94a9f8 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kdegraphics3-pdf-3.2.1-67.6.i586.patch.rpm 0d765c907e89a91186e03d8c8de87857 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/pdftohtml-0.36-112.3.src.rpm d4892578f2d84c1bdbc36b0df9341607 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/xpdf-3.00-64.21.src.rpm d4c06775143e5e6fec7bc544d248daee ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/gpdf-0.112.1-26.3.src.rpm cfda8ff6f352e1bc4f827a3118521b25 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kdegraphics3-3.2.1-67.6.src.rpm bb4d96dd72f0ee94315afd7b4c81e16b SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/pdftohtml-0.36-118.i586.rpm dc822cef09e27e169acd94cda1fb622a ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/xpdf-2.02pl1-141.i586.rpm c99912bc5656546b028a8c4fe0473a75 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/pdftohtml-0.36-118.i586.patch.rpm 58b8a44ae02482d19c73959bfd85e85e ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/xpdf-2.02pl1-141.i586.patch.rpm 8055fbed4ac1e664706701e3b7d3e1bc source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/pdftohtml-0.36-118.src.rpm 35e37ded2db7d772d854748e606f42d0
[Full-Disclosure] SUSE Security Announcement: samba (SUSE-SA:2004:035)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:samba Announcement-ID:SUSE-SA:2004:035 Date: Tuesday, Oct 5th 2004 16:53:01 MEST Affected products: 8.1, 8.2, 9.0 SUSE Linux Enterprise Server 8 SUSE Linux Desktop 1.0 Vulnerability Type: remote file disclosure Severity (1-10):6 SUSE default package: Yes Cross References: CAN-2004-0815 Content of this advisory: 1) security vulnerability resolved: - Samba file access problem problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - opera - kernel - mozilla 6) standard appendix (further information) __ 1) problem description, brief discussion The Samba server, which allows to share files and resources via the SMB/CIFS protocol, contains a bug in the sanitation code of path names which allows remote attackers to access files outside of the defined share. In order to access these files, they must be readable by the account used for the SMB session. CAN-2004-0815 has been assigned to this issue. 2) solution/workaround As a temporary workaround you can set the wide links = no option in smb.conf and restart the samba server. However an update is recommended nevertheless. 3) special instructions and notes After successfully updating the samba package, you need to issue the following command as root: rcsmb restart 4) package location and checksums Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/samba-2.2.8a-226.i586.rpm eb71869029b35d2a97d55e26514524db patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/samba-2.2.8a-226.i586.patch.rpm 48bb3e455079fcfdf4ad2baa28f28557 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/samba-2.2.8a-226.src.rpm d162ea5a39b14ee16ae1c6d5df9211bb SUSE Linux 8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-2.2.8a-225.i586.rpm 79b0514a827bdd782e6d3f62bb92fb85 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/samba-2.2.8a-225.i586.patch.rpm a50dd448212245d51e9ac59ae50514e8 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/samba-2.2.8a-225.src.rpm 25d488678b607b3c67612ee065abd77a SUSE Linux 8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-2.2.8a-224.i586.rpm 93d0fb2502f30593548dbe2f41ec8948 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-2.2.8a-224.i586.patch.rpm da5b107fb71c5daf5972b6e0aaca4f5c source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/samba-2.2.8a-224.src.rpm e0b9f9af6c5348cb9840b5d98a1c59dc x86-64 Platform: SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/samba-2.2.8a-226.x86_64.rpm 0f1c94aa23653b0cf9b318646d9153af patch rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/samba-2.2.8a-226.x86_64.patch.rpm 569974c359702c263b0968ce8fb9810f source rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/samba-2.2.8a-226.src.rpm 75c1a01d03af42835809691840eaa331 __ 5) Pending vulnerabilities in SUSE Distributions and Workarounds: - opera New opera packages are available on our ftp servers, fixing CAN-2004-0691, CAN-2004-0597, CAN-2004-0598, CAN-2004-0599 and CAN-2004-0746. - kernel Update kernels for the kNFSd problem for SLES 8 and SL 8.1 have been released. - mozilla We are in the process of releasing updates for mozilla (and related browsers), fixing various issues: CAN-2004-0597, CAN-2004-0718, CAN-2004-0722, CAN-2004-0757, CAN-2004-0758, CAN-2004-0759, CAN-2004-0760, CAN-2004-0761, CAN-2004-0762, CAN-2004-0763, CAN-2004-0764 and CAN-2004-0765. We will give you concrete details in a separate mozilla advisory when the updates are available.
[Full-Disclosure] SUSE Security Announcement: XFree86-libs, xshared (SUSE-SA:2004:034)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:XFree86-libs, xshared Announcement-ID:SUSE-SA:2004:034 Date: Friday, Sep 17th 2004 14:23 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Enterprise Server 8, 9 remote command execution Severity (1-10):9 SUSE default package: yes Cross References: CAN-2004-0687 CAN-2004-0688 Content of this advisory: 1) security vulnerability resolved: - stack-based buffer overflow - integer overflow problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - samba - a2ps - mozilla - mc - squid - gaim - nessus - konqueror 6) standard appendix (further information) __ 1) problem description, brief discussion Chris Evans reported three vulnerabilities in libXpm which can be exploited remotely by providing malformed XPM image files. The function xpmParseColors() is vulnerable to an integer overflow and a stack-based buffer overflow. The functions ParseAndPutPixels() as well as ParsePixels() is vulnerable to a stack-based buffer overflow too. Additionally Matthieu Herrb found two one-byte buffer overflows. 2) solution/workaround There is no workaround known. 3) special instructions and notes After you have updated your system it would be best to restart the X server to remove all running instances of vulnerable libXpm code from your computer's memory. 4) package location and checksums Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. x86 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/XFree86-libs-4.3.99.902-43.31.i586.rpm 3012c0528b52f9c32887469166d07c97 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/XFree86-libs-4.3.99.902-43.31.i586.patch.rpm ff5ace1728b192c1be0ead104e7074a8 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/XFree86-4.3.99.902-43.31.src.rpm e54b7716eecbadba26d29d808dfc253c SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/XFree86-libs-4.3.0.1-55.i586.rpm 80960eb494a1448276e07b88bcdf93b9 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/XFree86-libs-4.3.0.1-55.i586.patch.rpm ef4e99c7ab08ee6f4ae4e6f6020d036e source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/XFree86-4.3.0.1-55.src.rpm 5320885836408599cd154b98e9f11c44 SUSE Linux 8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/XFree86-libs-4.3.0-127.i586.rpm c4c9e786460c73d25442aa0fbbbf3022 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/XFree86-libs-4.3.0-127.i586.patch.rpm efa7c28f19acce67e82aae8b9beb5126 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/XFree86-4.3.0-127.src.rpm d61403ce550e0873054ffe887f6406f3 SUSE Linux 8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/xshared-4.2.0-267.i586.rpm edea41c34e213abf627d3a9388a1e35d patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/xshared-4.2.0-267.i586.patch.rpm 517062ac1548ce2eafc734534cef6ba4 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/xf86-4.2.0-267.src.rpm 5a840979d8615102e8cdad652608629d x86-64 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/XFree86-libs-4.3.99.902-43.31.x86_64.rpm b0686b3f2cc91167e596202aacd3294a patch rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/XFree86-libs-4.3.99.902-43.31.x86_64.patch.rpm 9fc1ff5c09f45843c94ed50da0110496 source rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/XFree86-4.3.99.902-43.31.src.rpm faf725c1202d2b36ad9d85158b6c6479 SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/XFree86-libs-4.3.0.1-55.x86_64.rpm 24ae6856520a90d0125c343f7e26201f patch rpm(s):
[Full-Disclosure] SUSE Security Announcement: zlib (SUSE-SA:2004:029)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:zlib Announcement-ID:SUSE-SA:2004:029 Date: Thursday, Sep 2nd 2004 17:30:00 MEST Affected products: 9.1 SUSE Linux Enterprise Server 9 Vulnerability Type: denial of service Severity (1-10):3-5 SUSE default package: yes Cross References: CAN-2004-0797 VU#238678 Content of this advisory: 1) security vulnerability resolved: - denial of service condition in zlib 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - gaim - opera - imlib, imlib2 6) standard appendix (further information) __ 1) problem description, brief discussion zlib is a widely used data compression library. Programs linked against it include most desktop applications as well as servers such as Apache and OpenSSH. The 'inflate' function of zlib handles certain input data incorrectly which could lead to a denial of service condition for programs using it with untrusted data. Whether the vulnerability can be exploided locally or remotely depends on the application using it. zlib versions older than version 1.2 are not affected. 2) solution/workaround There is no known workaround. 3) special instructions and notes After applying the update all programs linked against libz must be restarted. 4) package location and checksums Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. x86 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/zlib-1.2.1-70.6.i586.rpm 831b925bd07550e53fcef3657416675d ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/zlib-devel-1.2.1-70.6.i586.rpm 10f7fb0af45b2c0fd436ddc8a2876697 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/zlib-1.2.1-70.6.i586.patch.rpm 4a0b7a87fc8ed9129b6d940d8b577aa7 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/zlib-devel-1.2.1-70.6.i586.patch.rpm 75b7929b89794b07ae96ce6bb833fcb0 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/zlib-1.2.1-70.6.src.rpm 1cb7920050dc98a04377837f626ebd33 x86-64 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/zlib-1.2.1-70.6.x86_64.rpm df1d74ebec5f74da7244ba8fff23feb0 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/zlib-devel-1.2.1-70.6.x86_64.rpm 284ab472d375c567557a9256ca55cdc3 patch rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/zlib-1.2.1-70.6.x86_64.patch.rpm 7b49fd8bc2c06becd0aec7db62e4cd3d ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/zlib-devel-1.2.1-70.6.x86_64.patch.rpm a62b558fd4f683eddce9615090ef01b4 source rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/zlib-1.2.1-70.6.src.rpm 1ab725bb307b26a928edadfdb2d57cbc __ 5) Pending vulnerabilities in SUSE Distributions and Workarounds: - gaim Various buffer overflow conditions have been found in the gaim instant messenger. The MSN protocol parsing has already been fixed with the packages announced in the SUSE Security Announcement SUSE-SA:2004:025. The packages which fix the other pending bugs in gaim will be available on our FTP servers soon. - opera The web-browser opera is affected by several security bugs. New packages will soon be available on our FTP servers. - imlib, imlib2 Buffer overflows in the BMP image loader of imlib and imlib2 have been discovered. New packages will be available on our FTP servers soon. __ 6) standard appendix: authenticity verification, additional information - Package authenticity verification: SUSE update packages are available on many mirror ftp servers all over the world. While this service is being considered valuable and important to the free and open source software community, many users wish to be sure about the origin of the package and its content before installing the
[Full-Disclosure] SUSE Security Announcement: kernel (SUSE-SA:2004:028)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:kernel Announcement-ID:SUSE-SA:2004:028 Date: Wednesday, Sept 1st 2004 14:26 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 8, 9 SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: remote denial-of-service Severity (1-10):6 SUSE default package: yes Cross References: none Content of this advisory: 1) security vulnerability resolved: - integer overflow in kNFSd - local denial-of-service condition via /dev/ptmx problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - zlib - courier-imap - gaim - acroread - opera - netpbm/libnetpbm - webmin - spamassassin/perl-spamassassin - cfengine - xv 6) standard appendix (further information) __ 1) problem description, brief discussion Various signedness issues and integer overflows have been fixed within kNFSd and the XDR decode functions of kernel 2.6. These bugs can be triggered remotely by sending a package with a trusted source IP address and a write request with a size greater then 2^31. The result will be a kernel Oops, it is unknown if this bug is otherwise exploitable yet. Kernel 2.4 nfsd code is different but may suffer from the same vulnerability. Additionally a local denial-of-service condition via /dev/ptmx, which affects kernel 2.6 only has been fixed. Thanks to Jan Engelhardt for reporting this issue to us. This update also fixes several non security bugs, including: - CD and DVD writing of non-data media was leaking huge amounts kernel memory. - Fixed barrier issues on some IDE devices. barrier=none should not be needed anymore. 2) solution/workaround We recommend to update the kernel or, as a temporary workaround, block NFS traffic at your firewall or to switch back to the user-space NFS daemon. 3) special instructions and notes SPECIAL INSTALL INSTRUCTIONS: == The following paragraphs will guide you through the installation process in a step-by-step fashion. The character sequence marks the beginning of a new paragraph. In some cases, the steps outlined in a particular paragraph may or may not be applicable to your situation. Therefore, please make sure to read through all of the steps below before attempting any of these procedures. All of the commands that need to be executed are required to be run as the superuser (root). Each step relies on the steps before it to complete successfully. Note: The update packages for the SuSE Linux Enterprise Server 7 (SLES7) are being tested at the moment and will be published as soon as possible. Step 1: Determine the needed kernel type Please use the following command to find the kernel type that is installed on your system: rpm -qf /boot/vmlinuz Following are the possible kernel types (disregard the version and build number following the name separated by the - character) k_deflt # default kernel, good for most systems. k_i386# kernel for older processors and chipsets k_athlon # kernel made specifically for AMD Athlon(tm) family processors k_psmp# kernel for Pentium-I dual processor systems k_smp # kernel for SMP systems (Pentium-II and above) k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM kernel-64k-pagesize kernel-bigsmp kernel-default kernel-smp Step 2: Download the package for your system Please download the kernel RPM package for your distribution with the name as indicated by Step 1. The list of all kernel rpm packages is appended below. Note: The kernel-source package does not contain a binary kernel in bootable form. Instead, it contains the sources that the binary kernel rpm packages are created from. It can be used by administrators who have decided to build their own kernel. Since the kernel-source.rpm is an installable (compiled) package that contains sources for the linux kernel, it is not
[Full-Disclosure] SUSE Security Announcement: qt3 (SUSE-SA:2004:027)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:qt3/qt3-non-mt/qt3-32bit/qt3-static Announcement-ID:SUSE-SA:2004:027 Date: Thursday, Aug 19th 2004 15:00 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 8, 9 SUSE Linux Firewall on CD/Admin host SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: remote system compromise Severity (1-10):7 SUSE default package: yes Cross References: CAN-2004-0691 CAN-2004-0692 CAN-2004-0693 Content of this advisory: 1) security vulnerability resolved: - buffer overflow in image handling code problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - opera - acroread 6) standard appendix (further information) __ 1) problem description, brief discussion The QT-library is an environment for GUI-programming and is used in various well-known projects, like KDE. Chris Evans found a heap overflow in the BMP image format parser (CAN-2004-0691) which can probably be abused by remote attackers to execute arbitrary code with the privileges of the user using a malformed image as input for a vulnerable QT-based application. Additionally a NULL dereference in the GIF parser (CAN-2004-0693) was found. This lead to more research by other people and revealed another NULL dereference in the XPM parser (CAN-2004-0692) found by Marcus Meissner, SuSE Security-Team. The last two bugs can be used to trigger a remote denial-of-service attack against QT-based applications. 2) solution/workaround A temporary workaround for this issue is not known. 3) special instructions and notes After applying the update make sure all QT-based applications are restarted. It would be best to re-login if you use KDE. 4) package location and checksums Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. x86 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/qt3-3.3.1-36.16.i586.rpm ee1026d5b6a4a554d95ce9d3626d6bf7 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/qt3-non-mt-3.3.1-41.14.i586.rpm ea6c27890eb69d47b54786a727cb782f ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/qt3-static-3.3.1-41.14.i586.rpm b965364531163627f34b9a66e6d0b07e patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/qt3-3.3.1-36.16.i586.patch.rpm e698670506097dff0f9e61b594bcfeb9 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/qt3-non-mt-3.3.1-41.14.i586.patch.rpm e64be5421ff6f1451c2b2dc926f8f081 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/qt3-static-3.3.1-41.14.i586.patch.rpm b891c79e3a96538b69417e1aba6e85c4 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/qt3-3.3.1-36.16.src.rpm 7d3b4859cca3548004d4dc0e2cb431a8 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/qt3-non-mt-3.3.1-41.14.src.rpm 1ebff5e543d7d36cd13670189fe50443 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/qt3-static-3.3.1-41.14.src.rpm a14a20c83eedde899af40a88cf60a14a SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/qt3-3.2.1-68.i586.rpm 975f35315d69a283355a9734edb323b1 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/qt3-non-mt-3.2.1-70.i586.rpm 2256aa7e05a0d6f3a055dc915c6823a9 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/qt3-static-3.2.1-70.i586.rpm df61777b0ce9dc097c794bcf3d236981 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/qt3-3.2.1-68.i586.patch.rpm 26cb661048adf99b3633d633347043a7 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/qt3-non-mt-3.2.1-70.i586.patch.rpm f36dcd428c96ff5126817d0dfb130816
[Full-Disclosure] SUSE Security Announcement: rsync (SUSE-SA:2004:026)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:rsync Announcement-ID:SUSE-SA:2004:026 Date: Monday, Aug 16th 2004 16:00 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 8, 9 SUSE Linux Firewall on CD/Admin host SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: remote system compromise Severity (1-10):2 SUSE default package: no Cross References: http://samba.org/rsync/#security_aug04 Content of this advisory: 1) security vulnerability resolved: - insufficient pathname sanitizing problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - KDE - mozilla/firefox - xine-lib - opera - acroread 6) standard appendix (further information) __ 1) problem description, brief discussion The rsync-team released an advisory about a security problem in rsync. If rsync is running in daemon-mode and without a chroot environment it is possible for a remote attacker to trick rsyncd into creating an absolute pathname while sanitizing it. As a result it is possible to read/write from/to files outside the rsync directory. SUSE LINUX ships the rsync daemon with a chroot environment enabled by default, therefore the default setup is not vulnerable. 2) solution/workaround As a temporary workaround we suggest to keep the chroot-option of rsyncd enabled or to avoid the daemon-mode and use SSH as transport channel if possible. 3) special instructions and notes After applying the update, all instances of the rsyncd should be closed and the rsync daemon should be restarted. Please execute the following command as root: 'rcrsyncd restart' 4) package location and checksums Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. x86 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/rsync-2.6.2-8.9.i586.rpm afa5b8894e2d1acff4b040e8ba515ae4 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/rsync-2.6.2-8.9.i586.patch.rpm c0bf6dcf573a9a4197da0977ea638f2a source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/rsync-2.6.2-8.9.src.rpm f31f409225560bd1ac1d5fb5f0d8c43e SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/rsync-2.6.2-26.i586.rpm 5d7be9a510a4a5fafccbc29c63b0dec8 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/rsync-2.6.2-26.i586.patch.rpm 70809462c5d88bc8241b544100689efe source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/rsync-2.6.2-26.src.rpm f92d91816456f0e626ea1ee41ebe8b65 SUSE Linux 8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/rsync-2.6.2-26.i586.rpm 4f901dee110596bf2a48a24d8d094b71 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/rsync-2.6.2-26.i586.patch.rpm c7260721ec51a569309cd4629a3a5ad1 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/rsync-2.6.2-26.src.rpm fcd540a8e89c864b56cbad7d60696450 SUSE Linux 8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/rsync-2.6.2-25.i586.rpm 193752687ef1d98a5ebec4ff471842b1 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/rsync-2.6.2-25.i586.patch.rpm 9b6225e3bd2ff624f5f61bd6b033e8b8 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/rsync-2.6.2-25.src.rpm 0f649de8547008aa5e2a977ff209fca3 x86-64 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/rsync-2.6.2-8.9.x86_64.rpm 745a09fdbccc7ccfea9705f54a6825a3 patch rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/rsync-2.6.2-8.9.x86_64.patch.rpm 725b10d1703f6ee41185564d08b151d3 source rpm(s):
[Full-Disclosure] SUSE Security Announcement: gaim (SUSE-SA:2004:025)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:gaim Announcement-ID:SUSE-SA:2004:025 Date: Thursday, Aug 12th 2004 12:00 MEST Affected products: 9.1 Vulnerability Type: remote code execution Severity (1-10):6 SUSE default package: No Cross References: CAN-2004-0500 Content of this advisory: 1) security vulnerability resolved: - buffer overflow in gaim problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - KDE - mozilla/firefox - ethereal - arts 6) standard appendix (further information) __ 1) problem description, brief discussion Gaim is an instant messaging client which supports a wide range of protocols. Sebastian Krahmer of the SuSE Security Team discovered various remotely exploitable buffer overflows in the MSN-protocol parsing functions during a code review of the MSN protocol handling code. Remote attackers can execute arbitrary code as the user running the gaim client. The vulnerable code exists in SUSE Linux 9.1 only. 2) solution/workaround There is no known workaround. 3) special instructions and notes Before applying the update, all instances of the gaim client should be closed. 4) package location and checksums Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. x86 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/gaim-0.75-79.2.i586.rpm 860321d82ba69b52420f20a79d85e1cf patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/gaim-0.75-79.2.i586.patch.rpm 4f1fc5407a2edf9483103cf1e4c9667b source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/gaim-0.75-79.2.src.rpm 393b7a6739d24737eca93cc48e98 x86-64 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/gaim-0.75-79.2.x86_64.rpm d6cf6e00d46bf3098f4b3a384e14b27f patch rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/gaim-0.75-79.2.x86_64.patch.rpm 35aa894e1a3f51fa4e210d0d01bfdd17 source rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/gaim-0.75-79.2.src.rpm 02e49732c72aec9d928a01491bca68fd __ 5) Pending vulnerabilities in SUSE Distributions and Workarounds: - KDE The KDE libs package contained two occureneces of insecure handling of temporary files in the mcoputils code (Thanks to Andrew Tuitt for reporting this to us) and in the dcopserver code. These two bugs can be exploited locally to remove and/or overwrite files with the privileges of the user running a vulnerable KDE application. A bug in the kdebase3 package allows the content of unrelated browser windows to be modified. This issue may be used to trick users into entering sensitive informations on a malicious web-site. New packages will be available soon. - mozilla/firefox We are currently testing new mozilla/firefox packages that include several fixes for security-related bugs. New packages will be available soon. - ethereal It may be possible to make Ethereal crash or run arbitrary code by injecting a malformed packet or by convincing someone to read a malformed packet trace file. (CAN-2004-0633, CAN-2004-0634, CAN-2004-0635) New packages are available at our FTP servers. - arts This update removes an inconsistency in the comparsion of credentials while creating temporary files. This flaw can be exploited locally in conjunction with setuid Arts applications. (very unlikely) __ 6) standard appendix: authenticity verification, additional information - Package authenticity verification: SUSE update packages are available on many mirror ftp servers all over the world. While this service is being considered valuable and important to the free and open source software community, many users wish to be sure about the origin of the package and its content before installing the
[Full-Disclosure] SUSE Security Announcement: kernel (SUSE-SA:2004:024)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:kernel Announcement-ID:SUSE-SA:2004:024 Date: Monday, Aug 9th 2004 08:50 MEST Affected products: 8.0, 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 7, 8, 9 SUSE Linux Firewall on CD/Admin host SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: local privilege escalation Severity (1-10):6 SUSE default package: yes Cross References: CAN-2004-0415 Content of this advisory: 1) security vulnerability resolved: - race condition in file offset pointer handling problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - gaim - mozilla/firebird 6) standard appendix (further information) __ 1) problem description, brief discussion Paul Starzetz from iSEC informed us about a race condition in the 64bit file offset handling code of the kernel. The file offset pointer (f_pos) is changed during reading, writing, and seeking through a file to point to the current position in a file. The Linux kernel offers a 32bit and a 64bit API. Unfortunately the value conversion between this two APIs as well as the access to the f_pos pointer is defective. These bugs can be abused (mostly with entries in /proc) by a local attacker to gain access to uninitialized kernel memory which may contain sensitive information (root password and alike). Additionally a bug in the implementation of chown(2) for updating inode times, and a denial-of-service condition that can occur while handling signals was fixed. (Please note that the latter patch can cause problems by leaving zombie processes. We are working on a fix.) 2) solution/workaround The is no workaround known for this problem. Please install the update package for the kernel on your system. 3) special instructions and notes SPECIAL INSTALL INSTRUCTIONS: == The following paragraphs will guide you through the installation process in a step-by-step fashion. The character sequence marks the beginning of a new paragraph. In some cases, the steps outlined in a particular paragraph may or may not be applicable to your situation. Therefore, please make sure to read through all of the steps below before attempting any of these procedures. All of the commands that need to be executed are required to be run as the superuser (root). Each step relies on the steps before it to complete successfully. Note: The update packages for the SuSE Linux Enterprise Server 7 (SLES7) are being tested at the moment and will be published as soon as possible. Step 1: Determine the needed kernel type Please use the following command to find the kernel type that is installed on your system: rpm -qf /boot/vmlinuz Following are the possible kernel types (disregard the version and build number following the name separated by the - character) k_deflt # default kernel, good for most systems. k_i386# kernel for older processors and chipsets k_athlon # kernel made specifically for AMD Athlon(tm) family processors k_psmp# kernel for Pentium-I dual processor systems k_smp # kernel for SMP systems (Pentium-II and above) k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM kernel-64k-pagesize kernel-bigsmp kernel-default kernel-smp Step 2: Download the package for your system Please download the kernel RPM package for your distribution with the name as indicated by Step 1. The list of all kernel rpm packages is appended below. Note: The kernel-source package does not contain a binary kernel in bootable form. Instead, it contains the sources that the binary kernel rpm packages are created from. It can be used by administrators who have decided to build their own kernel. Since the kernel-source.rpm is an installable (compiled) package that contains sources for the linux kernel, it is not the source RPM for the kernel RPM binary packages. The kernel RPM binary packages for the distributions can be found at the locations below
[Full-Disclosure] SUSE Security Announcement: libpng (SUSE-SA:2004:023)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:libpng Announcement-ID:SUSE-SA:2004:023 Date: Wednesday, Aug 4th 2004 16:00 MEST Affected products: 8.0, 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 7, 8, 9 SUSE Linux Firewall on CD/Admin host SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: remote system compromise Severity (1-10):9 SUSE default package: yes Cross References: VU#388984 VU#236656 VU#160448 VU#477512 VU#817368 VU#286464 CAN-2004-0597 CAN-2004-0598 CAN-2004-0599 Content of this advisory: 1) security vulnerability resolved: - stack based buffer overflows - NULL pointer dereference - integer overflows problem description 2) solution/workaround 3) special instructions and notes 4) package location and checksums 5) pending vulnerabilities, solutions, workarounds: - mod_ssl - lha - gfxboot - liby2util - pure-ftpd - neon - pavuk - sox - gaim - kernel 6) standard appendix (further information) __ 1) problem description, brief discussion Several different security vulnerabilities were found in the PNG library which is used by applications to support the PNG image format. A remote attacker is able to execute arbitrary code by triggering a buffer overflow due to the incorrect handling of the length of transparency chunk data and in other pathes of image processing. (VU#388984, VU#817368, CAN-2004-0597) A special PNG image can be used to cause an application crashing due to NULL pointer dereference in the function png_handle_iCPP() (and other locations). (VU#236656, CAN-2004-0598) Integer overflows were found in png_handle_sPLT(), png_read_png() functions and other locations. These bugs may at least crash an application. (VU#160448, VU#477512, VU#286464, CAN-2004-0599) Many thanks to Chris Evans who reported issues to us and other vendors. 3) special instructions and notes Various applications use libpng either dynamically linked, statically linked, or by linking a copy of libpng included in the application's source distribution. In the first case you have to restart the affected application. In the other cases we will release updates for these packages if the vulnerable libpng code is called with input from an untrusted source. 4) package location and checksums Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. x86 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libpng-1.2.5-182.7.i586.rpm 0e89a04a0a50a49f756795bbd319e1dd patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libpng-1.2.5-182.7.i586.patch.rpm dc7270f4c0c728c3ba7252d0a551e437 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/libpng-1.2.5-182.7.src.rpm bb8d8000a010d92747dda1b0908d41aa SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libpng-1.2.5-191.i586.rpm 5b34c70a715cd34bb0e5879063dcf63b patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libpng-1.2.5-191.i586.patch.rpm 6c192934eae546bc1f2c9b7980c848f0 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/libpng-1.2.5-191.src.rpm c740a8c8c6188470512c91ec8e9e70a9 SUSE Linux 8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libpng-1.2.5-191.i586.rpm 64d76d67104123317c4a66a0721072e8 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libpng-1.2.5-191.i586.patch.rpm 372b2eae57ff3ff90ad1250e8a2d3a91 source rpm(s):
[Full-Disclosure] SUSE Security Announcement: samba (SUSE-SA:2004:022)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:samba Announcement-ID:SUSE-SA:2004:022 Date: Friday, Jul 23th 2004 12:30 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 7, 8 SUSE Linux Firewall on CD/Admin host SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: remote root compromise Severity (1-10):7 SUSE default package: no Cross References: CAN-2004-0600 CAN-2004-0686 Content of this advisory: 1) security vulnerability resolved: - buffer overflow in base64 code - buffer overflow in mangling method hash code problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - cadaver - kopete - wv - gnats - OpenOffice_org - mod_ssl - lha 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information The Samba Web Administration Tool (SWAT) was found vulnerable to a buffer overflow in its base64 code. This buffer overflow can possibly be exploited remotely before any authentication took place to execute arbitrary code. The same piece of vulnerable code was also used in ldapsam passdb and in the ntlm_auth tool. This vulnerability only exists on Samba 3.0.2 to 3.0.4. Another buffer overflow was found in Samba 3.0.0 and later, as well as in Samba 2.2.x. This overflow exists in the hash code of the mangling method (smb.conf: mangling method = hash), the default uses hash2 which is not vulnerable. There is no temporary workaround known. The first proof-of-concept exploits were seen on public mailing lists. After the installation was successfully completed please restart the samba daemon. /usr/sbin/rcsmb restart SWAT is called by inetd/xinetd. Therefore it is sufficient to kill all running instances of SWAT only. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Note that SLES8 packages will be delivered with a short delay. x86 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-3.0.4-1.27.i586.rpm eb8a66582bfa5749457ac18d518321ef ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-client-3.0.4-1.27.i586.rpm d38d71df7e69ede72ae70f1e763ee688 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-pdb-3.0.4-1.27.i586.rpm 9d95db6023323752e1705147c3a0609a ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-python-3.0.4-1.27.i586.rpm dfd2c9883cfdbefc27d8a6d555d483df ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-vscan-0.3.4-83.30.i586.rpm 117af75e8fb9d8a941a88680f813f7ba ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-winbind-3.0.4-1.27.i586.rpm a589036769807de0fc0aa5bab67010f4 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-doc-3.0.4-1.12.i586.rpm c5ef1760451cc548082ad6dad990e971 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libsmbclient-3.0.4-1.27.i586.rpm 2ea69766d732ca3393a3a49256550315 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libsmbclient-devel-3.0.4-1.27.i586.rpm 6c03f36007f9172ec2c51b18796b7fed patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-3.0.4-1.27.i586.patch.rpm 1d4b5402e5c4d86c6da563176e4c08fb ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-client-3.0.4-1.27.i586.patch.rpm 71a324e5651388fc8386abd3ac7390e8 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-pdb-3.0.4-1.27.i586.patch.rpm 37bb872de17d6553cd4b3953339fff57 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-python-3.0.4-1.27.i586.patch.rpm 7e3f654697615788d6ec4a8b7befb409 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/samba-vscan-0.3.4-83.30.i586.patch.rpm 4fe8afef0d7a6423e9d75059f5c3a39c
[Full-Disclosure] SUSE Security Announcement: dhcp-server (SuSE-SA:2004:019)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:dhcp/dhcp-server Announcement-ID:SuSE-SA:2004:019 Date: Tuesday, Jun 22st 2004 21:00 MEST Affected products: 8.0, 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 7, 8 SUSE Linux Firewall on CD/Admin host SUSE Linux Connectivity Server SUSE Linux Office Server Vulnerability Type: remote system compromise Severity (1-10):5 SUSE default package: yes Cross References: VU#317350 VU#654390 Content of this advisory: 1) security vulnerability resolved: buffer overflow problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - icecast - sitecopy - cadaver - OpenOffice_org - tripwire - postgresql - lha - XDM - mod_proxy 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information The Dynamic Host Configuration Protocol (DHCP) server is used to configure clients that dynamically connect to a network (WLAN hotspots, customer networks, ...). The CERT informed us about a buffer overflow in the logging code of the server that can be triggered by a malicious client by supplying multiple hostnames. The hostname strings are concatenated and copied in a fixed size buffer without checking the buffer bounds. Other possible buffer overflow conditions exist in using vsprintf() instead of vsnprintf(). This behavior can be configured during compile- time. The dhcp/dhcp-server package coming with SUSE LINUX used the vulnerable vsprintf() function. Since SuSE Linux 8.1/SuSE Linux Enterprise Server 8 the DHCP server runs as non-root user in a chroot jail. This setup limits the impact of a successful attack. There is no temporary workaround known. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. x86 Platform: SUSE Linux 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/dhcp-server-3.0.1rc13-28.15.i586.rpm 6de5ea6efc87a3fcd3ed0ad6b9500a72 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/dhcp-server-3.0.1rc13-28.15.i586.patch.rpm e64d5f02268edf0cd4ecac5e917c2872 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/dhcp-3.0.1rc13-28.15.src.rpm 6be43d62ac4987c21d37bbfaf474d604 SUSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/dhcp-server-3.0.1rc12-71.i586.rpm 617270aba8651abb59a492bfe9b60018 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/dhcp-server-3.0.1rc12-71.i586.patch.rpm 4a90fa43709f38a2c6b3dbcf591a0adb source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/dhcp-3.0.1rc12-71.src.rpm ac606c8da1f8f4eae538ea110c639432 SUSE Linux 8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/dhcp-server-3.0.1rc10-61.i586.rpm 28020cc4c5d8a57cf5da5fbb1fcb682c patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/dhcp-server-3.0.1rc10-61.i586.patch.rpm 425546108271103762940ee6407ee03c source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/dhcp-3.0.1rc10-3.src.rpm a0a1ef9fbc13ac94bd9371eea33a6113 SUSE Linux 8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/dhcp-server-3.0.1rc9-144.i586.rpm 77ecf5ffef83bcf36636c1330bdfc4be patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/dhcp-server-3.0.1rc9-144.i586.patch.rpm d505bd9f0787eb1dca75a4b6908d1ce9 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/dhcp-3.0.1rc9-5.src.rpm 877b2bc5e21ad6f4e30968df29cb7c7e SUSE Linux 8.0: ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/dhcp-server-3.0.1rc6-22.i386.rpm efad137cb0835d11f789a0a41de88c85 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/dhcp-server-3.0.1rc6-22.i386.patch.rpm
[Full-Disclosure] SUSE Security Announcement: kernel (SuSE-SA:2004:017)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:kernel Announcement-ID:SuSE-SA:2004:017 Date: Wednesday, Jun 16th 2004 15:20 MEST Affected products: 8.0, 8.1, 8.2, 9.0, 9.1 SuSE Linux Database Server, SuSE eMail Server III, 3.1 SuSE Linux Enterprise Server 7, 8 SuSE Linux Firewall on CD/Admin host SuSE Linux Connectivity Server SuSE Linux Office Server Vulnerability Type: local denial-of-service attack Severity (1-10):4 SUSE default package: no Cross References: CAN-2004-0554 Content of this advisory: 1) security vulnerability resolved: - floating point exception causes system crash problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - icecast - sitecopy - cadaver - OpenOffice_org - tripwire - postgresql - lha - XDM - mod_proxy 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information The Linux kernel is vulnerable to a local denial-of-service attack. By using a C program it is possible to trigger a floating point exception that puts the kernel into an unusable state. To execute this attack a malicious user needs shell access to the victim's machine. The severity of this bug is considered low because local denial-of- service attacks are hard to prevent in general. Additionally the bug is limited to x86 and x86_64 architecture. SPECIAL INSTALL INSTRUCTIONS: == The following paragraphs will guide you through the installation process in a step-by-step fashion. The character sequence marks the beginning of a new paragraph. In some cases, the steps outlined in a particular paragraph may or may not be applicable to your situation. Therefore, please make sure to read through all of the steps below before attempting any of these procedures. All of the commands that need to be executed are required to be run as the superuser (root). Each step relies on the steps before it to complete successfully. Note: The update packages for the SuSE Linux Enterprise Server 7 (SLES7) are being tested at the moment and will be published as soon as possible. Step 1: Determine the needed kernel type Please use the following command to find the kernel type that is installed on your system: rpm -qf /boot/vmlinuz Following are the possible kernel types (disregard the version and build number following the name separated by the - character) k_deflt # default kernel, good for most systems. k_i386# kernel for older processors and chipsets k_athlon # kernel made specifically for AMD Athlon(tm) family processors k_psmp# kernel for Pentium-I dual processor systems k_smp # kernel for SMP systems (Pentium-II and above) k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM kernel-64k-pagesize kernel-bigsmp kernel-default kernel-smp Step 2: Download the package for your system Please download the kernel RPM package for your distribution with the name as indicated by Step 1. The list of all kernel rpm packages is appended below. Note: The kernel-source package does not contain a binary kernel in bootable form. Instead, it contains the sources that the binary kernel rpm packages are created from. It can be used by administrators who have decided to build their own kernel. Since the kernel-source.rpm is an installable (compiled) package that contains sources for the linux kernel, it is not the source RPM for the kernel RPM binary packages. The kernel RPM binary packages for the distributions can be found at the locations below ftp://ftp.suse.com/pub/suse/i386/update/. 8.0/images/ 8.1/rpm/i586 8.2/rpm/i586 9.0/rpm/i586 9.1/rpm/i586 After downloading the kernel RPM package for your system, you should verify the authenticity of the kernel rpm package using the methods as listed in section 3) of each SUSE Security Announcement. Step 3: Installing your kernel rpm package Install the rpm package that you have downloaded in Steps 3 or 4 with the command rpm -Uhv
[Full-Disclosure] SUSE Security Announcement: cvs (SuSE-SA:2004:015)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:cvs Announcement-ID:SuSE-SA:2004:015 Date: Wed Jun 9 15:00:00 MEST 2004 Affected products: 8.0, 8.1, 8.2, 9.0, 9.1 SuSE Firewall on CD 2 - VPN SuSE Firewall on CD 2 SuSE Linux Enterprise Server 7, 8 SuSE Linux Office Server UnitedLinux 1.0 Vulnerability Type: remote command execution Severity (1-10):6 SUSE default package: No. Cross References: CAN-2004-0416 CAN-2004-0417 CAN-2004-0418 Content of this advisory: 1) security vulnerability resolved: various security issues in cvs problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - icecast - sitecopy - cadaver - tla - OpenOffice_org - tripwire - postgresql - lha - apache/mod_ssl 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information The Concurrent Versions System (CVS) offers tools which allow developers to share and maintain large software projects. Various remotely exploitable conditions have been found during a source code review of CVS done by Stefan Esser and Sebastian Krahmer (SuSE Security-Team). These bugs allow remote attackers to execute arbitrary code as the user the CVS server runs as. Since there is no easy workaround we strongly recommend to update the cvs package. The update packages fix vulnerabilities which have been assigned the CAN numbers CAN-2004-0416, CAN-2004-0417 and CAN-2004-0418. The cvs packages shipped by SUSE (as well as our recent updates for CVS) are not vulnerable to CAN-2004-0414. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Intel i386 Platform: SuSE-9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cvs-1.11.14-24.6.i586.rpm 47731cff36f671c97e90a8b304dfa508 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cvs-1.11.14-24.6.i586.patch.rpm d9aaad71404029c53d3972f035f58b41 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/cvs-1.11.14-24.6.src.rpm f3fdcd3355df637c34d1c2058be48fba SuSE-9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cvs-1.11.6-83.i586.rpm b2c14b51a074fd8059af6d084d2684bd patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cvs-1.11.6-83.i586.patch.rpm e22c93b42f31ac7e9319cf31a266f6c0 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/cvs-1.11.6-83.src.rpm 211950707baf445fbe87fd73b243da18 SuSE-8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cvs-1.11.5-114.i586.rpm c9e1680bd0fa4fb5239e89747add07e9 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cvs-1.11.5-114.i586.patch.rpm 8cabcc36b298326e738311cad37f32dc source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/cvs-1.11.5-114.src.rpm ebeca38a0d002044c68c20bfc051b14f SuSE-8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cvs-1.11.1p1-332.i586.rpm 597bac9a562582828b1f5cadd30f004f patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cvs-1.11.1p1-332.i586.patch.rpm fc1a12767ad7e2fbfb7294cc4112b2f7 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/cvs-1.11.1p1-332.src.rpm fb51cfd019b7f84857b6c6454b21418d SuSE-8.0: ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/cvs-1.11.1p1-332.i386.rpm 67de2e7aed4d0cc282965118bd1afb66 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/cvs-1.11.1p1-332.i386.patch.rpm 9a1a381eba6312ab168e22c7d519a93a source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/cvs-1.11.1p1-332.src.rpm b10baa53b3e0e4a1d0839cb5d4696215 Opteron x86_64 Platform: SuSE-9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cvs-1.11.14-24.6.x86_64.rpm 6aec551d7128a714e40cc30e94b8f885
[Full-Disclosure] SUSE Security Announcement: squid (SuSE-SA:2004:016)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:squid Announcement-ID:SuSE-SA:2004:016 Date: Wednesday, Jun 9th 2004 16:30 MEST Affected products: 8.2, 9.0, 9.1 Vulnerability Type: remote system compromise Severity (1-10):5 SUSE default package: no Cross References: CAN-2004-0541 Content of this advisory: 1) security vulnerability resolved: - buffer overflow problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - icecast - sitecopy - cadaver - tla - OpenOffice_org - tripwire - postgresql - lha 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information Squid is a feature-rich web-proxy with support for various web-related protocols. The NTLM authentication helper application of Squid is vulnerable to a buffer overflow that can be exploited remotely by using a long password to execute arbitrary code. NTLM authentication is enabled by default in the Squid package that is shipped by SUSE LINUX. There is no workaround known other then turning off the NTLM authentication. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Intel i386 Platform: SuSE-9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/squid-2.5.STABLE5-42.9.i586.rpm ea3da461f226cc881562b06224a8370e patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/squid-2.5.STABLE5-42.9.i586.patch.rpm f85bd7c071695d0d9c304969c5a35a23 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/squid-2.5.STABLE5-42.9.src.rpm 610caf4de1d7333af0f8613767d40bb0 SuSE-9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/squid-2.5.STABLE3-110.i586.rpm fc31dd7379b249d8f9a07d0f4464996d patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/squid-2.5.STABLE3-110.i586.patch.rpm 06961779c39bca33ee2d619773f47f39 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/squid-2.5.STABLE3-110.src.rpm 90c171552d03e2efb731d25a4ffbf553 SuSE-8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/squid-2.5.STABLE1-98.i586.rpm d35da0a2719ca8de24c299ef9a8dbe3f patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/squid-2.5.STABLE1-98.i586.patch.rpm 0aa98cf95a23a0ea35a2e6657717243e source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/squid-2.5.STABLE1-98.src.rpm 4fdd84cebf8dbdc7334e48a9f8369efc SuSE-8.0: ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/squid-2.4.STABLE6-9.i386.rpm fa4780901f96712ea22eef28bdf53700 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/squid-2.4.STABLE6-9.i386.patch.rpm 917c26da9c444085d045b708548eae3e source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/squid-2.4.STABLE6-9.src.rpm dc96baf5541829ee6e615861d17146aa Opteron x86_64 Platform: SuSE-9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/squid-2.5.STABLE5-42.9.x86_64.rpm 868c4121e1622f6ac91a8eaac414eabe patch rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/squid-2.5.STABLE5-42.9.x86_64.patch.rpm 0cbc28a5262dfe4eb72ee3fbbb5b4657 source rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/squid-2.5.STABLE5-42.9.src.rpm 20ab0af37af2139e1de8f1f4edfcc2c6 SuSE-9.0: ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/squid-2.5.STABLE3-110.x86_64.rpm 616f32f8196ed53a4f5f163f33d2a838 patch rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/squid-2.5.STABLE3-110.x86_64.patch.rpm 72ca1d31e833be4d9e9c150349d2bbbc source rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/squid-2.5.STABLE3-110.src.rpm 632bd7bdbe116eff14213b9f6245cd0a __ 2) Pending vulnerabilities in SUSE Distributions and Workarounds: - icecast The icecast service is vulnerable to a remote denial-of-service attack. Update packages will be available soon.
[Full-Disclosure] Call for Participation Workshop DIMVA 2004
Angriffsstatistiken / Olaf Gellert, Till Dörges, Klaus-Peter Kossakowski (Presecure, DE) Vulnerabilities Sessions: Foundations for Intrusion Prevention / Shai Rubin, Ian D. Alderman, David W. Parter, Mary K. Vernon (University of Wisconsin, USA) Structural Comparison of Executable Objects / Halvar Flake (DE) Anti-Patterns in JDK Security and Refactorings / Marc Schönefeld (Universität Bamberg, DE) Hardened OS exploitation techniques / Sebastian Krahmer (SuSE, DE) (*) UNIX und Linux basierte Kernel Rootkits / Andreas Bunten (DFN-CERT, DE) Malware Session: LIV - The Linux Intregrated Viruswall / Teobaldo A. Dantas de Medeiros (Federal Center for Technological Education, BR), Paulo S. Motta Pires (University of Rio Grande, BR) (*) Risiken der Nichterkennung von Malware in komprimierter Form / Heiko Fangmeier, Michel Messerschmidt, Fabian Müller, Jan Seedorf (antiVirusTestCenter, DE) Program committee - Thomas Biege (SuSE Linux AG) Roland Büschkes (T-Mobile) Toralv Dirro (Network Associates) Anja Feldmann (TU München) Ulrich Flegel (vice chair) (Uni Dortmund) Christian Freckmann (TÜV-IT) Oliver Göbel (RUS-CERT) Christian Götz (Cirosec) Dirk Häger (BSI) Marc Heuse (Unisys) Klaus Julisch (IBM Research Zürich) Oliver Karow (Symantec) Klaus-Peter Kossakowski (Presecure) Hartmut König (BTU Cottbus) Heiko Krumm (Uni Dortmund) Christopher Krügel (UCSB, Kalifornien) Holger Mack (Secorvo) Michael Meier (chair) (BTU Cottbus) Jens Nedon (Consecur) Christian Schmid (Linz, Österreich) Morton Swimmer (IBM Research Zürich) Stefan Strobel (Cirosec) Marco Thorbrügge (DFN-CERT) Andreas Wespi (IBM Research Zürich) Stephen Wolthusen (Fraunhofer IGD Darmstadt) Ralf Zessin (Maxpert AG) Organization Claudia Graute (registration office) University of Dortmund, Computer Science Dpt., Chair VI, ISSI D-44221 Dortmund, Germany Tel.: +49-231-755-2641 Fax: +49-231-755-2405 Email: dimva2004{at}gi-fg-sidar.de Ulrich Flegel (chair and local organization) University of Dortmund, Computer Science Dpt., Chair VI, ISSI D-44221 Dortmund, Germany Tel.: +49-231-755-4775 Fax: +49-231-755-2405 Email: ulrich.flegel{at}udo.edu Michael Meier (program chair) Brandenburg University of Technology Cottbus, Computer Science Dept., Chair Networks, Postfach 10 13 44, D-03013 Cottbus, Germany Tel.: +49-355-69-2028 Fax: +49-355-69-2127 Email: mm{at}informatik.tu-cottbus.de ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SUSE Security Announcement: mc (SuSE-SA:2004:012)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:mc Announcement-ID:SuSE-SA:2004:012 Date: Friday, May 14th 2004 16:00 MEST Affected products: 8.0, 8.1, 8.2, 9.0, 9.1 SuSE Linux Database Server, SuSE eMail Server III, 3.1 SuSE Linux Enterprise Server 7, 8 SuSE Linux Firewall on CD/Admin host SuSE Linux Connectivity Server SuSE Linux Office Server Vulnerability Type: local privilege escalation Severity (1-10):3 SUSE default package: yes Cross References: CAN-2004-0226 CAN-2004-0231 CAN-2004-0232 Content of this advisory: 1) security vulnerability resolved: - buffer overflows - tmp file problems - format string bugs problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - sharutils - apache2* - xine* - sysconfig - clamav - exim - utempter - busybox - monit - ethereal - kphone 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information The Midnight Commander (mc) is a file manager for the console. The mc code is vulnerable to several security related bugs like buffer overflows, incorrect format string handling and insecure usage of temporary files. These bugs can be exploited by local users to gain access to the privileges of the user running mc. There is no workaround known other then avoid using mc. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Intel i386 Platform: SuSE-9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mc-4.6.0-327.i586.rpm c5ad0c60348bc462db2d71735247ee1d patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mc-4.6.0-327.i586.patch.rpm 850b02c3908588ae83afd5027add43ec source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/mc-4.6.0-327.src.rpm 71c511d7bfbf7cc285aed54e164e4077 SuSE-8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mc-4.6.0-327.i586.rpm c12550eca593946915b2bf39759e78d1 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mc-4.6.0-327.i586.patch.rpm 8879832d99052ac11fc40423027f4bb4 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/mc-4.6.0-327.src.rpm 585c3678406be16171b26ceaeb5600c7 SuSE-8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mc-4.5.55-758.i586.rpm 4fa2bd194e823ef8dce8b0ee4a7d5707 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mc-4.5.55-758.i586.patch.rpm b22258254be06b2493d1ea39a5b97b00 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/mc-4.5.55-758.src.rpm 860f9fc3b3825031b8d7c10fbf793fcd SuSE-8.0: ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap1/mc-4.5.55-758.i386.rpm bdf10b7c25fdececa1f369b0baeaa764 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap1/mc-4.5.55-758.i386.patch.rpm 7e3c66bb6f257688f858424f164e360d source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/mc-4.5.55-758.src.rpm 46dd268a6e2f7c7596ed45fd9ab03c88 __ 2) Pending vulnerabilities in SUSE Distributions and Workarounds: - sharutils This update fixes a buffer overflow in shar while handling the '-o' commandline option. The buffer overflow can be abused to execute commands remotely in conjunction with other systems (CGI, ...). New packages are available on our FTP servers. - apache2/-devel/-doc/-example-pages/-prefork/-perchild/-worker, apr, libapr0 These updates fix a memory leak in the mod_ssl module of apache2 (CAN-2004-0113), a possible remote DoS attack on accessing rarely used listening ports (CAN-2004-0174), and a problem with unescaped special characters in log files that could present a security hazard for
[Full-Disclosure] SUSE Security Announcement: Linux Kernel (SuSE-SA:2004:009)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:Linux Kernel Announcement-ID:SuSE-SA:2004:009 Date: Wednesday, Apr. 14th 2004 17:30 MEST Affected products: 8.0, 8.1, 8.2, 9.0 SuSE Linux Database Server, SuSE eMail Server III, 3.1 SuSE Linux Enterprise Server 7, 8 SuSE Linux Firewall on CD/Admin host SuSE Linux Connectivity Server SuSE Linux Office Server Vulnerability Type: - local privilege escalation - information leakage Severity (1-10):6 SUSE default package: yes Cross References: CAN-2004-0109 CAN-2004-0181 Content of this advisory: 1) security vulnerability resolved: - buffer overflow in ISO9660 code - information leakage in JFS problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - mailman - sysstat - neon - openssh - kdeprint/kdelibs3 - MPlayer - sysstat - apache2 - emil - metamail - tcpdump 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information iDEFENSE Inc. informed us about a buffer overflow in the linux 2.4 kernel code which handles ISO9660 filesystems. The original code is not able to handle very long symlink names. The vulnerability can be triggered locally by mounting removable media that contains a malformed filesystem or by using the loopback device. Exploiting this buffer overflow results in kernel-level access to the system. Another vulnerability allows the retrieval of private informations from JFS filesystems due to the lack of cleaning up (writing zeros) used sectors on the harddrive. This bug needs root privilges to be exploited. SPECIAL INSTALL INSTRUCTIONS: == The following paragraphs will guide you through the installation process in a step-by-step fashion. The character sequence marks the beginning of a new paragraph. In some cases, you decide if the paragraph is needed for you or not. Please read through all of the steps down to the end. All of the commands that need to be executed are required to be run as the superuser (root). Each step relies on the steps before to complete successfully. Step 1: Determine the needed kernel type Please use the following command to find the kernel type that is installed on your system: rpm -qf /boot/vmlinuz The following options are possible (disregarding the version and build number following the name, separated by the - character): k_deflt # default kernel, good for most systems. k_i386# kernel for older processors and chipsets k_athlon # kernel made specifically for AMD Athlon(tm) family processors k_psmp# kernel for Pentium-I dual processor systems k_smp # kernel for SMP systems (Pentium-II and above) k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM Step 2: Download the package for your system Please download the kernel RPM package for your distribution with the name starting as indicated by Step 1. The list of all kernel rpm packages is appended below. Note: The kernel-source package does not contain any binary kernel in bootable form. Instead, it contains the sources that the binary kernel rpm packages are made from. It can be used by administrators who have decided to build their own kernel. Since the kernel-source.rpm is an installable (compiled) package that contains sources for the linux kernel, it is not the source RPM for the kernel RPM binary packages. The kernel RPM binary packages for the distributions can be found at these locations below ftp://ftp.suse.com/pub/suse/i386/update/. 8.0/images/ 8.1/rpm/i586 8.2/rpm/i586 9.0/rpm/i586 After downloading the kernel RPM package for your system, you should verify the authenticity of the kernel rpm package using the methods as listed in section 3) of each SUSE Security Announcement. Step 3: Installing your kernel rpm package Install the rpm package that you have downloaded in Steps 3 or 4 with the command rpm -Uhv --nodeps --force
[Full-Disclosure] SUSE Security Announcement: openssl (SuSE-SA:2004:007)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:openssl Announcement-ID:SuSE-SA:2004:007 Date: Wednesday, Mar 17th 2004 13:30 MEST Affected products: 8.0, 8.1, 8.2, 9.0 SuSE Linux Database Server, SuSE eMail Server III, 3.1 SuSE Linux Enterprise Server 7, 8 SuSE Linux Firewall on CD/Admin host SuSE Linux Connectivity Server SuSE Linux Office Server Vulnerability Type: remote denial-of-service Severity (1-10):4 SUSE default package: yes Cross References: CAN-2004-0079 CAN-2004-0112 Content of this advisory: 1) security vulnerability resolved: - null pointer assignment due to handshake - crash with Kerberos cipher-suite support problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - xf86_glx/xmodules/xloader - gnome-session - pwlib - libxml2 - mod_python - mozilla - kernel - mailman - metamail - sysstat 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information OpenSSL is an implementation of the Secure Socket Layer (SSL v2/3) and Transport Layer Security (TLS v1) protocol. The NISCC informed us about to failure conditions in openssl that can be triggered to crash applications that use the openssl library. The first bug occurs during SSL/TLS handshake in the function do_change_cipher_spec() due to a NULL pointer assignment. The second bug affects openssl version 0.9.7* only with Kerberos cipher-suite enabled and can be triggered during SSL/TLS handshake too. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. There is not other solution known to this problem then updating to the current version from our FTP servers. To make this update effective, restart all servers using openssl please Intel i386 Platform: SuSE-9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-0.9.7b-133.i586.rpm 31ec7dd8d5e119ebc0c63b287e4ad3c7 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-devel-0.9.7b-133.i586.rpm 952ad40732b95ca7fdd8ba00a94ce99b patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-0.9.7b-133.i586.patch.rpm 71d9522ca81e5cec829266f5fd9efb6d ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-devel-0.9.7b-133.i586.patch.rpm 40d2d30ff2f2629d02e6e54472b6aca0 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/openssl-0.9.7b-133.src.rpm 3bb291108685b06ac25533014ede039e SuSE-8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-0.9.6i-21.i586.rpm 21d83138d00c84b0febc2428f1e5ceac ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-devel-0.9.6i-21.i586.rpm 421bf9717ff3c7facc8a6ee51438e82c patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-0.9.6i-21.i586.patch.rpm 0457b801931f1f6857e3358c4b5a9151 ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-devel-0.9.6i-21.i586.patch.rpm 4d8561d55cde4d31c840ebd7d10901e1 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/openssl-0.9.6i-21.src.rpm 4a55e2eae1fd8ebcc086fa612d9af95b SuSE-8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-0.9.6g-114.i586.rpm 53c938f88ed6a5d2ad12120c65ea880f ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-devel-0.9.6g-114.i586.rpm bd6ff0ccaf12c1ce9107accf5f4372b6 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-0.9.6g-114.i586.patch.rpm 7782f761018a0b4fb95c955f7c782b6d ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-devel-0.9.6g-114.i586.patch.rpm 51df3d52a98175cbe6338cb963140a59 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/openssl-0.9.6g-114.src.rpm da2f5a9f62126ad0e1659a6f4f78878c SuSE-8.0:
[Full-Disclosure] SUSE Security Announcement: xf86/XFree86 (SuSE-SA:2004:006)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:xf86/XFree86 Announcement-ID:SuSE-SA:2004:006 Date: Monday, Feb. 23th 2004 16:30 MET Affected products: 8.0, 8.1, 8.2, 9.0 SuSE Linux Database Server, SuSE eMail Server III, 3.1 SuSE Linux Enterprise Server 7, 8 SuSE Linux Firewall on CD/Admin host SuSE Linux Connectivity Server SuSE Linux Office Server Vulnerability Type: local privilege escalation Severity (1-10):5 SUSE default package: yes Cross References: CAN-2004-0083 CAN-2004-0084 CAN-2004-0106 Content of this advisory: 1) security vulnerability resolved: - several local buffer overflows in fontfile code problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - mutt - mod_python - mailman - metamail - libxml2 - lbreakout - pwlib 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information XFree86 is an open-source X Window System implementation that acts as a client-server-based API between different hardware components like display, mouse, keyboard and so on. Several buffer overflows were found in the fontfile code that handles a user-supplied fonts.alias file. The file is processed with root privileges and therefore a successful exploitation of these bugs leads to local root access. There is no known workaround. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, to apply the update use the command rpm -Fhv file.rpm. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Intel i386 Platform: SuSE-9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/XFree86-4.3.0.1-46.i586.rpm dcaadc2b9438995c9a3ac6e4fc7bf181 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/XFree86-4.3.0.1-46.i586.patch.rpm f094861c9a0fbb5f27d168b680fe1a5b source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/XFree86-4.3.0.1-46.src.rpm 824c6173693342a033f75c503592e7e0 SuSE-8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/XFree86-4.3.0-120.i586.rpm f1f01280e6e8a5a2f091a04c5836a51d patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/XFree86-4.3.0-120.i586.patch.rpm 16ba90ef0ad607d1547cda7734b28750 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/XFree86-4.3.0-120.src.rpm 4100735436d4c8801c6add673fceb29e SuSE-8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/xf86-4.2.0-257.i586.rpm 9ed1fc5ec83a42a85315391387610e6b patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/xf86-4.2.0-257.i586.patch.rpm 9652732385f8670ea9d36151378b7428 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/xf86-4.2.0-257.src.rpm e1d73191d2aabe3a6dda677e6fd716bc SuSE-8.0: ftp://ftp.suse.com/pub/suse/i386/update/8.0/x1/xf86-4.2.0-257.i386.rpm 9b69aac017a0ac9905e3fc4e9594d435 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/x1/xf86-4.2.0-257.i386.patch.rpm 3076136bcdf20132f343768e4a71c7a2 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/xf86-4.2.0-257.src.rpm 1775eef155f4afdc9a3a08ff31a38607 Opteron x86_64 Platform: SuSE-9.0: ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/XFree86-4.3.0.1-52.x86_64.rpm 1714cb2eb566fab0e29277db9f9d2572 patch rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/XFree86-4.3.0.1-52.x86_64.patch.rpm 930944efc868b28d87a69a9543206546 source rpm(s): ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/XFree86-4.3.0.1-52.src.rpm ee67773fcad341912b617d397991ed32 __ 2) Pending vulnerabilities in SUSE Distributions and Workarounds: - mutt The popular email client mutt is vulnerable to a remote denial-of-service attack and maybe remote command execution. The bug can be triggered by malformed messages that
[Full-Disclosure] SUSE Security Announcement: Linux Kernel (SuSE-SA:2004:005)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:Linux Kernel Announcement-ID:SuSE-SA:2004:005 Date: Wednesday, Feb. 18th 2004 23:05 MET Affected products: 8.0, 8.1, 8.2, 9.0 SuSE Linux Database Server, SuSE eMail Server III, 3.1 SuSE Linux Enterprise Server 7, 8 SuSE Linux Firewall on CD/Admin host SuSE Linux Connectivity Server SuSE Linux Office Server Vulnerability Type: local privilege escalation Severity (1-10):6 SUSE default package: yes Cross References: CAN-2004-0003 CAN-2004-0010 CAN-2004-0077 CAN-2004-0075 Content of this advisory: 1) security vulnerability resolved: - do_mremap: insecure memory page management - several local denial-of-service attacks problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - netpbm - zebra - susehelp - mod_gzip - mod_auth_shadow - mod_python - mutt - mailman - clamav - XFree86/xf86 - libxml2 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information Another bug in the Kernel's do_mremap() function, which is unrelated to the bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz. The do_mremap() function of the Linux Kernel is used to manage Virtual Memory Areas (VMAs) which includes moving, removing and resizing of memory areas. To remove old memory areas do_mremap() uses the function du_munmap() without checking the return value. By forcing do_munmap() to return an error the memory management of a process can be tricked into moving page table entries from one VMA to another. The destination VMA may be protected by a different ACL which enables a local attacker to gain write access to previous read-only pages. The result will be local root access to the system. Additionally to the bug mentioned above some other bugs were fixed (depending on architecture) that can cause local denial-of-service conditions: - Vicam USB driver: CAN-2004-0075 + denial-of-service due to problem while copying data from user to kernel space - Direct Render Infrastructure: CAN-2004-0003 + denial-of-service due to integer overflow + needs r128 card and console to be exploited - ncpfs/ncp_lookup: CAN-2004-0010 + buffer overflow with the probability to gain root - execve(): + malformed elf binaries can lead to a local denial-of-service attack SPECIAL INSTALL INSTRUCTIONS: == The following paragraphs will guide you through the installation process in a step-by-step fashion. The character sequence marks the beginning of a new paragraph. In some cases, you decide if the paragraph is needed for you or not. Please read through all of the steps down to the end. All of the commands that need to be executed are required to be run as the superuser (root). Each step relies on the steps before to complete successfully. Step 1: Determine the needed kernel type Please use the following command to find the kernel type that is installed on your system: rpm -qf /boot/vmlinuz The following options are possible (disregarding the version and build number following the name, separated by the - character): k_deflt # default kernel, good for most systems. k_i386# ke for older processors and chipsets k_athlon # kernel made specifically for AMD Athlon(tm) family processors k_psmp# kernel for Pentium-I dual processor systems k_smp # kernel for SMP systems (Pentium-II and above) k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM Step 2: Download the package for your system Please download the kernel RPM package for your distribution with the name starting as indicated by Step 1. The list of all kernel rpm packages is appended below. Note: The kernel-source package does not contain any binary kernel in bootable form. Instead, it contains the sources that the
[Full-Disclosure] DIMVA 2004 deadline extended
Elektronische Abgabe druckfertiger Beiträge TAGUNGSLEITUNG -- Ulrich Flegel (Vorsitz), Universität Dortmund, Fachbereich Informatik, LS6 - Informationssysteme und Sicherheit, D-44221 Dortmund Tel.: +49-231-755-4775, ulrich.flegel{at}udo.edu Michael Meier, Brandenburgische Technische Universität Cottbus, Institut für Informatik, Lehrstuhl Rechnernetze, Postfach 10 13 44, D-03013 Cottbus Tel.: +49-355-69-2028, mm{at}informatik.tu-cottbus.de PROGRAMMKOMITEE --- Thomas Biege (SuSE Linux AG) Roland Büschkes (T-Mobile) Toralv Dirro (Network Associates) Anja Feldmann (TU München) Ulrich Flegel (stv. Vorsitz) (Uni Dortmund) Christian Freckmann (TÜV-IT) Oliver Göbel (RUS-CERT) Christian Götz (Cirosec) Dirk Häger (BSI) Marc Heuse (Unisys) Klaus Julisch (IBM Research Zürich) Oliver Karow (Symantec) Klaus-Peter Kossakowski (Presecure) Hartmut König (BTU Cottbus) Heiko Krumm (Uni Dortmund) Christopher Krügel (UCSB, Kalifornien) Holger Mack (Secorvo) Michael Meier (Vorsitz) (BTU Cottbus) Jens Nedon (Consecur) Christian Schmid (Linz, Österreich) Morton Swimmer (IBM Research Zürich) Stefan Strobel (Cirosec) Marco Thorbrügge (DFN-CERT) Andreas Wespi (IBM Research Zürich) Stephen Wolthusen (Fraunhofer IGD Darmstadt) Ralf Zessin (Maxpert AG) VERANSTALTER Fachgruppe SIDAR der Gesellschaft für Informatik e.V. (GI) Wissenschaftszentrum, Ahrstraße 45; D-53175 Bonn Tel.: +49-228-302-145; Fax: +49-228-302-167 http://www.gi-ev.de in Kooperation mit IEEE Task Force on Information Assurance German Chapter of the ACM Universität Dortmund ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SUSE Security Announcement: gaim (SuSE-SA:2004:004)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:gaim Announcement-ID:SuSE-SA:2004:004 Date: Thrusday, Jan 29th 2004 10:30 MET Affected products: 8.0, 8.1, 8.2, 9.0 SuSE Linux Desktop 1.0 Vulnerability Type: remote system compromise Severity (1-10):5 SUSE default package: no Cross References: Content of this advisory: 1) security vulnerability resolved: - two buffer overflows problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - kernel binaries for SLES8 AMD64 - mc - mod_gzip - tripwire - XDM (XFree86, xf86) - 3ddiag - mod_auth_shadow - cvsup - nmap - netpbm - zebra - quagga - tcpdump - mod_python 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information Gaim is a multi-protocol instant-messaging client. Stefan Esser found 12 vulnerabilities in gaim that can lead to a remote system compromise with the privileges of the user running GAIM. The GAIM package that SUSE LINUX ships is affected by just two of these bug: - Yahoo Packet Parser Overflow - HTTP Proxy Connect Overflow The first vulnerability is easy to exploit and results in a classic stack overflow which can be used to execute arbitrary code. The latter vulnerability requires the gaim client use a HTTP proxy under the control of the attacker. The exploitation of this bug results in arbitrary code execution too. There is no known workaround. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, to apply the update use the command rpm -Fhv file.rpm. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Intel i386 Platform: SuSE-9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/gaim-0.67-65.i586.rpm 09f8d12dd52e246cf32dca8ad3374f39 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/gaim-0.67-65.i586.patch.rpm 3a633e341b9e56facdbe0250b55dd33a source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/gaim-0.67-65.src.rpm 5ee6a86077c0297a64815532782f7a54 SuSE-8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/gaim-0.59.8-60.i586.rpm 7a269744304f72bf951c7bd6974560f2 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/gaim-0.59.8-60.i586.patch.rpm e7b18f0da02c1c4392dc1b03e835a827 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/gaim-0.59.8-60.src.rpm ae7d7b1c9735696244547a0d6a5ee92e SuSE-8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/gaim-0.59-158.i586.rpm 22b1d4be5737906f8ff0975918279034 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/gaim-0.59-158.i586.patch.rpm 7644020869e92cc980b881efebf9d617 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/gaim-0.59-158.src.rpm cd1532f71a79ed32d016d456a844ff4b SuSE-8.0: ftp://ftp.suse.com/pub/suse/i386/update/8.0/gnm3/gaim-0.50-187.i386.rpm 7dcb581b78bf8ab61e82bf0836a4357e patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/gnm3/gaim-0.50-187.i386.patch.rpm 5a6f596538edc56e0b3a70a23200c21e source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/gaim-0.50-187.src.rpm d38c8da629941eecef7f75d6a5ea9e80 __ 2) Pending vulnerabilities in SUSE Distributions and Workarounds: - kernel binaries for SLES8 AMD64 Due to a human failure the kernel binaries of SuSE Linux Enterprise Server 8 for AMD64 lack the fix described in SuSE-SA:2004:003. The kernel-source packages and the packages for IA64 are *not* affected. New packages are available at our maintenance-web. - mc By using a special combination of links in archive files it is possible to execute arbitrary commands while mc tries to open it in its VFS. New packages are available on our FTP servers. - mod_gzip (apache-contrib) The apache module mod_gzip is vulnerable to remote code execution while running in debug-mode. We do not ship this module in debug-mode but future versions will include the fix.
[Full-Disclosure] SUSE Security Announcement: Linux Kernel (SuSE-SA:2004:001)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:Linux Kernel Announcement-ID:SuSE-SA:2004:001 Date: Monday, Jan 5th 2004 20:27 MET Affected products: 8.0, 8.1, 8.2, 9.0 SuSE Linux Enterprise Server 7, SuSE Linux Database Server, SuSE eMail Server III, 3.1 SuSE Linux Firewall on CD/Admin host SuSE Linux Office Server SuSE Linux Desktop 1.0 SuSE Linux School Server Vulnerability Type: local system compromise Severity (1-10):6 SUSE default package: yes Cross References: Content of this advisory: 1) security vulnerability resolved: - incorrect bounds checking problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - mc - mod_gzip - tripwire - cvs - irssi - atftp 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information The do_mremap() function of the Linux Kernel is used to manage (move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect bounds check in do_mremap() during the remapping of memory it is possible to create a VMA with the size of 0. In normal operation do_mremap() leaves a memory hole of one page and creates an additional VMA of two pages. In case of exploitation no hole is created but the new VMA has a 0 bytes length. The Linux Kernel's memory management is corrupted from this point and can be abused by local users to gain root privileges. There is no temporary workaround for this bug. Please note that on 8.1, the kernel-source package may not be installable through rpm, because of a bug in RPM (update of the kernel source RPM may take 30 minutes or more, or fail entirely). Owing to this problem, the kernel source is not available as a regular YOU update. However, recognizing our obligation to publish the source along with the binary packages, we are making the source available as a compressed tar archive, downloadable from the normal FTP locations SPECIAL INSTALL INSTRUCTIONS: == The following paragraphs will guide you through the installation process in a step-by-step fashion. The character sequence marks the beginning of a new paragraph. In some cases, you decide if the paragraph is needed for you or not. Please read through all of the steps down to the end. All of the commands that need to be executed are required to be run as the superuser (root). Each step relies on the steps before to complete successfully. Step 1: Determine the needed kernel type Please use the following command to find the kernel type that is installed on your system: rpm -qf /boot/vmlinuz The following options are possible (disregarding the version and build number following the name, separated by the - character): k_deflt # default kernel, good for most systems. k_i386# kernel for older processors and chipsets k_athlon # kernel made specifically for AMD Athlon(tm) family processors k_psmp# kernel for Pentium-I dual processor systems k_smp # kernel for SMP systems (Pentium-II and above) k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM Step 2: Download the package for your system Please download the kernel RPM package for your distribution with the name starting as indicated by Step 1. The list of all kernel rpm packages is appended below. Note: The kernel-source package does not contain any binary kernel in bootable form. Instead, it contains the sources that the binary kernel rpm packages are made from. It can be used by administrators who have decided to build their own kernel. Since the kernel-source.rpm is an installable (compiled) package that contains sources for the linux kernel, it is not the source RPM for the kernel RPM binary packages. The kernel RPM binary packages for the distributions can be found at these locations below ftp://ftp.suse.com/pub/suse/i386/update/. 8.0/images/ 8.1/rpm/i586 8.2/rpm/i586 9.0/rpm/i586 After downloading the kernel RPM package for your system, you should verify the authenticity of the kernel rpm package using the methods as listed
[Full-Disclosure] SUSE Security Announcement: lftp (SuSE-SA:2003:051)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:lftp Announcement-ID:SuSE-SA:2003:051 Date: Monday, Dec 15th 2003 14:30 MET Affected products: 8.2, 9.0 remote system compromise Severity (1-10):3 SUSE default package: no Cross References: Content of this advisory: 1) security vulnerability resolved: - local buffer overflow problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - mc - mod_gzip - freeradius - tripwire - cvs - irssi - atftp 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information The the flexible and powerful FTP command-line client lftp is vulnerable to two remote buffer overflows. When using lftp via HTTP or HTTPS to execute commands like 'ls' or 'rels' specially prepared directories on the server can trigger a buffer overflow in the HTTP handling functions of lftp to possibly execute arbitrary code on the client-side. Please note, to exploit these bugs an attacker has to control the server- side of the context and the attacker will only gain access to the account of the user that is executing lftp. There is no temporary workaround known. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Intel i386 Platform: SuSE-9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/lftp-2.6.6-71.i586.rpm 2e5aee46868b5b19c26a8559927e8663 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/lftp-2.6.6-71.i586.patch.rpm 0468cf8f2b2b4c18a854f51ef63470b7 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/lftp-2.6.6-71.src.rpm a32eee3ff4eeb322d44f04b9f8ff4c9c SuSE-8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/lftp-2.6.4-44.i586.rpm df0d7c059cd3bb4fe47c927849fd9a5e patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/lftp-2.6.4-44.i586.patch.rpm eb9d6aedc25d3e2d25b63999526ee1bd source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/lftp-2.6.4-44.src.rpm 63695b02bf520b02f93ec73078d6e4d8 __ 2) Pending vulnerabilities in SUSE Distributions and Workarounds: - mc By using a special combination of links in archive-files it is possible to execute arbitrary commands while mc tries to open it in its VFS. The packages are currently tested and will be release as soon as possible. - mod_gzip The apache module mod_gzip is vulnerable to remote code execution while running in debug-mode. We do not ship this module in debug-mode but future versions will include the fix. Additionally the mod_gzip code was audited to fix more possible security related bugs. - freeradius Two vulnerabilities were found in the FreeRADIUS package. The remote denial-of-service attack bug was fixed and new packages will be released as soon as testing was successfully finished. The other bug is a remote buffer overflow in the module rlm_smb. We do not ship this module and will fix it for future releases. - tripwire Tripwire is a file integrity checker. The tripwire version on SuSE Linux 8.2 and 9.0 do crash when a requested file does not exists. New packages will be available soon. - cvs The cvs server-side can be tricked to create files in the root filesystem of the server by requesting malformed modules. The permissions on the root filesystem normally prevent this malfunction. New packages will be available soon. - irssi Under special circumstances the the irc-client irssi can be crashed remotely by other irc-clients. A fix will be available soon. - atftp A buffer overflow vulnerability discovered by Rick Patel has been fixed in the atftpd (trivial file transfer protocol, UDP oriented) daemon, contained in the atftp package. Update packages for the affected SUSE Linux distributions 8.1 and 8.2 have been published on our ftp server today. We explicitly thank Dirk Mueller, KDE developer, for notifying
[Full-Disclosure] SUSE Security Announcement: rsync (SuSE-SA:2003:050)
-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:rsync Announcement-ID:SuSE-SA:2003:050 Date: Thursday, Dec 4th 2003 14:30 MET Affected products: 7.3, 8.0, 8.1, 8.2, 9.0 SuSE Linux Database Server, SuSE eMail Server III, 3.1 SuSE Linux Enterprise Server 7, 8 SuSE Linux Firewall on CD/Admin host SuSE Linux Connectivity Server SuSE Linux Office Server Vulnerability Type: local privilege escalation Severity (1-10):4 SUSE default package: no Cross References: CAN-2003-0962 Content of this advisory: 1) security vulnerability resolved: heap overflow problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - discontinue of SuSE Linux 7.3 - KDE - mc - apache - screen - mod_gzip - unace 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information The rsync suite provides client and server tools to easily support an administrator keeping the files of different machines in sync. In most private networks the rsync client tool is used via SSH to fulfill his tasks. In an open environment rsync is run in server mode accepting connections from many untrusted hosts with, but mostly without, authentication. The rsync server drops its root privileges soon after it was started and per default creates a chroot environment. Due to insufficient integer/bounds checking in the server code a heap overflow can be triggered remotely to execute arbitrary code. This code does not get executed as root and access is limited to the chroot environment. The chroot environment maybe broken afterwards by abusing further holes in system software or holes in the chroot setup. Your are not vulnerable as long as you do not use rsync in server mode or you use authentication to access the rsync server. As a temporary workaround you can disable access to your rsync server for untrusted parties, enable authentication or switch back to rsync via SSH. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Intel i386 Platform: SuSE-9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/rsync-2.5.6-193.i586.rpm e848708286572c8a793819e5a358274a patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/rsync-2.5.6-193.i586.patch.rpm d70f7726a2c8850a8c085bdbe9afbf27 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/rsync-2.5.6-193.src.rpm 45e14417a64704fcee1dfea390a5b3f6 SuSE-8.2: ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/rsync-2.5.6-193.i586.rpm 341d1da31000831d994e48d0714b576d patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/rsync-2.5.6-193.i586.patch.rpm d94f1a84fc07e92dfc87471f909314c9 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/rsync-2.5.6-193.src.rpm 16b19cc2331ff577f2d1f9e116e74625 SuSE-8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/rsync-2.5.5-258.i586.rpm 28799a5950666eb7f104e2831575fb3c patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/rsync-2.5.5-258.i586.patch.rpm 02557d2de1dc27ffd97845ebabb336b6 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/rsync-2.5.5-258.src.rpm 6a7cd73509acf3cca12d9a4f4b3aec98 SuSE-8.0: ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/rsync-2.4.6-499.i386.rpm cf9fde4bcf1f3af3e3c5ae6bf5ceba85 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/rsync-2.4.6-499.i386.patch.rpm 0a61425e9bb345fe73e42926408257cb source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/rsync-2.4.6-499.src.rpm d5c29841ff1f387cb003c359eee868df SuSE-7.3: ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/rsync-2.4.6-499.i386.rpm 67b2400ee15d739e75a1463db7d003ca source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/rsync-2.4.6-499.src.rpm
[Full-Disclosure] SUSE Security Announcement: sane (SuSE-SA:2003:046)
/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iQEVAwUBP7o6Lney5gA9JdPZAQEtlAgAkgmF1N4phGHJiuWFOImYfObmzA/NWvG8 a7MdiWzoduVdrTtByzlBqRhxZyEdtGtfHngrMuj1pKhWrZK8uOqiYx6wIWqpfq0o 0P/wt5XnLAVQNpfm3CvqoC546bw/Xtt8LL7epsGgl2YnsAIj1Nn5qF28TBOArleB p/O2DavFGx+ASMQSfMNrRMp65chQWwaSypWk8AZBIwD+dqELQ06BeTSuBNix10vJ 37BMQOC5HUdkfx8p/YE6NShXErGANLHOcJBQKlg+5V+1WEbDWZ7Urpa0Sqi0zWTh WLa20xUpp6NfVMvhCqeCY7zdA35LNiGFkaU/O9+goMygBDzihdS5Ig== =mL8i -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED], SUSE LINUX AG, Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83 -- ... stay with me, save and ignorant, go back to sleep... - Maynard James Keenan ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SUSE Security Announcement: thttpd (SuSE-SA:2003:044)
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iQEVAwUBP6JW93ey5gA9JdPZAQE7AAf+LMQ45cIOD3iSCFZ8g/RuWVI5yiY2CkE2 0KpivccK5qehDInv+spLFAZBOlFXjmkmPcyBZbaFkuTdo6PpnGicJ6gHdPvYzVZ1 +0I0T9u8dZUlAoeGnTVNtzcN8yEA9xcp1mjEXORoclR5zwwVFXRcp8rktde768yD kBvur0ZY9g4OyJEwb/UzdiKxKuKiFlq3llVz5ID8qDMIDQfORygVqjxI4pFDwff/ Pm9qxit7J2Q1tB3VZXBkUb+ba+Y6bLBFkhk64hHr+q3jtMZlrK6z2WMJsF/a5gqp JDaTp1BxChMeJ6Q5YTq8ZCUzKKu7Dg4d42+php7QiR9UIifk4ch2gQ== =6u83 -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED], SuSE Linux AG, Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83 -- ... stay with me, save and ignorant, go back to sleep... - Maynard James Keenan ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: openssl (SuSE-SA:2003:043)
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iQEVAwUBP3sLUXey5gA9JdPZAQHR6gf+KcmkRZQ8hrjrFt9vP8SZmZJkO8ZjiVX4 js+qeRyIJCf0juZ5dI+I5FGkoaeifNAnuDPDFrMAwIZXF+tgDaLaQ9/nf6r+vZef Ri5wed4B588E7M0GGsvm3guzGSmkOJnwx+Q6aiFo7Sh98LBHUJ/xF2OerSo6Lz3Q k527BCA/EdF9AqlVKuzDynq9HIUiHhbG8ZqHZCNQJMKwOUFPbnhNoTGc2+i/oMeg 0MHSreVr0N9ThUcCVENe8tjzMqNEuTWKe2mIpcMM0dyz9gY10H1zFn3heEHglsCP xrFYt0mfPf5QNVtk2zq1OykKhgvi5vOdsKQ58LxqsFVBJ3N5xQswKw== =byxR -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED], SuSE Linux AG, Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83 -- ... bring the pieces back together, we discover communication... - Maynard James Keenan ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: pine (SuSE-SA:2003:037)
= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iQEVAwUBP2AXoney5gA9JdPZAQEpmggAiKfQGjFnHwmI6UQfK/6rmI1HTlIq8pyF XO+WOoMjgtczzxrMExlHDGVFgMvm6I9aIvdTDEv1+eTMmbVEm1cAXznLAZh3ZBZU asXrbJPZ8oYCLS2n5/pE7GMyZbrwZ4qx7dfdZCwPuG4y3xedLdkrREqzhFLV9Bms JC12tTF3Oz8XvrcnW4dLVqzTPtjEljwAO7iG7+G1tLjWqbaT3Oaa/iXfugMDeknK gfRa5PXLPVEPo/6N2UKBUayGp63pD4oAvhDeIogLs+tu0FNZ/49zUMqnzPw74Pv8 VRpQYvwk4/1Y7CSbDM9I4XAcxnzXB9RBuUpq/6EGwK3+lqCHO+7+MA== =qffc -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED], SuSE Linux AG, Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83 -- ... bring the pieces back together, we discover communication... - Maynard James Keenan ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: pam_smb (SuSE-SA:2003:036)
/Y9aezIL0RM6itdQslRpGkH6Wh2Sc9jHtzx8nhyO641Q50eqU7dH79PyB+1 ZKGy2dkZ+D6WnZ//wuNDPJexXc4OAioNF51XlFboT5eOAG1yjMdGqg== =hiNx -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83 -- ... bring the pieces back together, we discover communication... - Maynard James Keenan ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] CfP DIMVA 2004
, VA, MA sowie Netzwerk-Management: - gemeinsame Verwundbarkeits-Modelle und -Klassifikationen - Interoperabilität und Standardisierung - Kooperation und Integration verschiedener Produkte - auf Kooperation basierende Adaptivität - Korrelation, Aggregation und Fusion von Meldungen FORMALIA Jeder Beitrag wird von mindestens drei Gutachtern bewertet. Angenommene Beiträge werden auf dem Workshop präsentiert. Es ist vorgesehen, angenommene volle Beiträge in einem Tagungsband der Reihe Lecture Notes in Informatics (LNI) zu veröffentlichen. Voraussetzung dafür ist eine unterzeichnete Copyright-Erklärung der Autoren. Beiträge können in deutscher oder in englischer Sprache verfaßt werden. Volle Beiträge umfassen 10-14 Druckseiten im LNI-Format (Formatvorlage s. Webseite), Kurzbeiträge 4-9 Seiten. Beiträge sind per Email als MIME-Attachment im PDF-Format einzureichen. Andere Formate können nicht berücksichtigt werden. In der Email sind Beitragstitel, falls zutreffend, inhaltliche Kategorie des Beitrags (s.o.), Autorennamen, Kontaktautor, Organisation, Email-Adresse, postalische Adresse, Telefon- und Faxnummer anzugeben (ASCII). Jeder Beitrags-Eingang wird innerhalb von 7 Tagen per Email bestätigt. TERMINE --- 31.01.2004 Elektronische Einreichung an: dimva2004{at}gi-fg-sidar.de 31.03.2004 Annahme-Benachrichtigung an Autoren per E-Mail 31.04.2004 Elektronische Abgabe druckfertiger Beiträge TAGUNGSLEITUNG -- Ulrich Flegel (Vorsitz), Universität Dortmund, Fachbereich Informatik, LS6 - Informationssysteme und Sicherheit, D-44221 Dortmund Tel.: +49-231-755-4775, ulrich.flegel{at}udo.edu Michael Meier, Brandenburgische Technische Universität Cottbus, Institut für Informatik, Lehrstuhl Rechnernetze, Postfach 10 13 44, D-03013 Cottbus Tel.: +49-355-69-2028, mm{at}informatik.tu-cottbus.de PROGRAMMKOMITEE --- Thomas Biege (SuSE Linux AG) Roland Büschkes (T-Mobile) Anja Feldmann (TU München) Ulrich Flegel (stv. Vorsitz) (Uni Dortmund) Christian Freckmann (TÜV-IT) Oliver Göbel (RUS-CERT) Christian Götz (Cirosec) Dirk Häger (BSI) Marc Heuse (Unisys) Klaus Julisch (IBM Research Zürich) Oliver Karow (Symantec) Klaus-Peter Kossakowski (Presecure) Hartmut König (BTU Cottbus) Heiko Krumm (Uni Dortmund) Christopher Krügel (UCSB, Kalifornien) Holger Mack (Secorvo) Michael Meier (Vorsitz) (BTU Cottbus) Jens Nedon (Consecur) Morton Swimmer (IBM Research Zürich) Stefan Strobel (Cirosec) Marco Thorbrügge (DFN-CERT) Andreas Wespi (IBM Research Zürich) Stephen Wolthusen (Fraunhofer IGD Darmstadt) VERANSTALTER Fachgruppe SIDAR der Gesellschaft für Informatik e.V. (GI) Wissenschaftszentrum, Ahrstraße 45; D-53175 Bonn Tel.: +49-228-302-145; Fax: +49-228-302-167 http://www.gi-ev.de in Kooperation mit IEEE Task Force on Information Assurance German Chapter of the ACM Universität Dortmund -- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83 -- ... bring the pieces back together, we discover communication... - Maynard James Keenan ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: sendmail (SuSE-SA:2003:035)
, it is desired that the clear-text signature shows proof of the authenticity of the text. SuSE Linux AG makes no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyIDDate User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team [EMAIL PROTECTED] pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key [EMAIL PROTECTED] - -BEGIN PGP PUBLIC KEY BLOCK- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iQEVAwUBP0uSXXey5gA9JdPZAQGGcgf+J8TlOK/TFlb7EsPTxjaPsGkld6KCr2FY 0ThLj7+LTW7UgQkt+3lV0gC0LUaABsd5J3+sXFkBTQ9/7C7DcAbtpT0ImjrfwssG dLyTMTa4j3fN96KWf6WA+TH4/96kb1uo1qoEZjunLdrRV4oY7yTFS2U6+6ltV1E3 08qalMCauHCRE9v3abuYtTN1QhxqYv1BtWdZej/5eGgu/uuKFiGwbqDfwL6TUzhL rYRUhfji7t88JxxH7HouZJlgB2RGh3QmVYLisdH3N3WGPzNhmeyhclSjJxPYrDGt KXHrn9+4DIn8nHZ+XxJ0oY8UdvMl26Wk4gwUgNDWM57/AdyiL+FyUA== =21Hz -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15
[Full-Disclosure] SuSE Security Announcement: glibc (SuSE-SA:2003:027)
/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iQEVAwUBPtNwVney5gA9JdPZAQGgRwf+Jb5OmG6zuqPPAE9nf31SVOUXKY1aO+D0 eHqEM/7VbSaCQ2TAx28mYfyek1NaGudwyqDBGxyVYrrlwz0z9jkGRP/GUY4h2mBk vff5xnlzSbvetFCnoHtR/RqXXRPvnDe3GDgeJXoPpZtRYnDb/Rw/4UOKnIyev7QP iw8yupuYGEQt6yDHwMatSJAHOT3QOmYbsqy6N8GcQ2KwttaVWmHw8bm5eoJKrAAM HR0YjLAu371ZO4pfV4r3Vl2HhaQ+r+/tm4VHnySqA5YdDyM1QiX1AEi5RXqD3L0U ERYYwSc/h/jG6aqKcqAurFIdoGUqAvzevJv0quQAYRWNwbik8jzv8g== =BUi3 -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | gpg --import Key fingerprint = 7254 B15D B3C4 943F 485E 0BBD 8ECC D7CB C200 A213 -- Das erste Opfer einer Schlacht ist immer der Schlachtplan. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: apcupsd (SuSE-SA:2003:022)
/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: 2.6.3i Charset: noconv iQEVAwUBPoGpcney5gA9JdPZAQHr5gf+LuhcT2e8/9iFWbIhmuz3R4trje5Xnc+A whJgfviqVGpDHc9DbcM55oNBtWJOF1xbG0ZQO99BAQ7f8gR4zln+pU34s0yoCiPm wVSUg59Ji1EdRm/uVW6iBppdEVg6hVUvduwVPuz4N1MfWOmByhrt50i2tO7mChvW QLxuf3KmTYIqFmYYRRhe7wM/9yUoKo4cjMekl0tXvmn+aHvp7keC4fKndP7Uwi9T fZSCUr2BXGWC0rcOdeOeWhm+D75CzFhXw0JZpMWaTE68vwjxYOvcgnzTT4LViLB5 YjPjEzS5gEEyCZSgK44RRQu1ze5UA0Ua6i5qdSbp1NCrZEuDmMi3jQ== =qgtY -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | gpg --import Key fingerprint = 7254 B15D B3C4 943F 485E 0BBD 8ECC D7CB C200 A213 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: qpopper (SuSE-SA:2003:018)
- Version: 2.6.3i Charset: noconv iQEVAwUBPnsGmney5gA9JdPZAQEcwwgAnqPVy8/s/7v7pB2K1aLoQrySXeBXBGhl InbKzoY86tM7m6ec/3/bRvEYsL791YtsuabOy7TSGNFXVaifeIPbmB3LPfwg96L1 wL3MIs8MMjmbyrV5un16pGrDsdAAviIRr8Ut3aj/RwT0DiXUCqZoKQlPTkouB4VH Cp8ztHBbYle+fGCYsmKgojspSXzManpDbkonAgU43miEsqVJQstpalC+LfqFzJZ5 Q9ltb92gvyuYPaxlMNUlztQ25eKLMMmGRJ7jTHWtfPAKf6h4hLOJj5fPaTY7vwzI AXAMyCqj764YPzmPJcBkrN2kYizoYFawvYwbWwuDJlChdPp6GECNpg== =hTOp -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | gpg --import Key fingerprint = 7254 B15D B3C4 943F 485E 0BBD 8ECC D7CB C200 A213 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: ethereal (SuSE-SA:2003:019)
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: 2.6.3i Charset: noconv iQEVAwUBPnsGpHey5gA9JdPZAQGUBgf/crCDXc5kLVtXYYrsOjvgLIFe1IT8faKz 3FpinpIrXhaLjOyNn5sRTsvPScbVhKFpEPqyNaZb1NkyUB/6o6XXRHfAy/ALvAyl wzf9YygJiuei0yFZ2omy9lXrZOyIkPygs4CCxtSdYpQjOJ28m7T594qbE4ILssgv IRwPGA37OP/hVNDEx5DLUo660DPwnJq8D3Dq2+Nv7BRXggc3wMCwqLBpXMkDmg1G g4/c8tp23M0f372d5/IX95XYD33vqOiMJhl0tyLd9zDt4tmlx2kvxxTNMqL6hpB1 honV/T1pogkrVq6wv3mMtGH1GFXJCXiyY3hZu/VGRcqWuLsDVvdONg== =npqt -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | gpg --import Key fingerprint = 7254 B15D B3C4 943F 485E 0BBD 8ECC D7CB C200 A213 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: lprold (SuSE-SA:2003:0014)
/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: 2.6.3i Charset: noconv iQEVAwUBPnCkiXey5gA9JdPZAQFnoAgAnC18P5hBuRTpxmNoctCwspneKPlx3j/W XM+Talhy6bdu/07ypW90QJrCSBqYxSYbM/yPzEFQYswDrvA5JIent8s4CHRXfkpY kDfvvHL9gDKYjAgf4qMqyz00XZGbaiIXOv+cXAzk5jczm8ioaeiQT00x8Mof8B7a zzsmd/p8o/kC/PJMQYIR9kI7K0PZCo3K0PVdFUx3dgD6QTZa/mmXXClH8iGn5oCF aeXjXsRNQmNz0ZdkbREseewCWZ6y05dlVBPo7lVVgjwTrrAVJrL183p+6r8yk+7y z4jtk8tcntBNA/eBoy7EtyUIVgXpvtNsKYSimJVLkQ/TcpwIcwez2Q== =3gCQ -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | gpg --import Key fingerprint = 7254 B15D B3C4 943F 485E 0BBD 8ECC D7CB C200 A213 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: lprold (SuSE-SA:2003:0014)
/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: 2.6.3i Charset: noconv iQEVAwUBPnCrEney5gA9JdPZAQEmbQf/fSpxcigSHxHm3mVwzndZRteB17PwwU7O 2Gq7Yw8R1JRIayB2L9oH8oPS77hGewov+J0H+/rEzfkIy1XqhSKtSkoIs6ltUO4P POwwjJc1/AJacl0jPyK+Cp4J36eGknPPfG5eVz+em+K/9Qwacv20L2pQVuSMqqOf WCri9tFXQQrTnGpskQwemCY3hoWTp87LE0tgCVXoBv06VgcUqLaInDbPG+avMSnl idrvBgESg4WH6Dh12GXzQ4MDGyJcaUyXOXp6WfWrQocYS798QehNjpnGD05asWkO p71JLY65lIT35lR831NupgWQaDsQiWt4UhEFt7VFMSxAtFURPHquHg== =vL4I -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | gpg --import Key fingerprint = 7254 B15D B3C4 943F 485E 0BBD 8ECC D7CB C200 A213 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: hypermail (SuSE-SA:2003:0012)
-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:hypermail Announcement-ID:SuSE-SA:2003:0012 Date: Thursday, Feb 27th 2003 18:30 MET Affected products: 7.1, 7.2, 7.3, 8.0, 8.1 Vulnerability Type: remote system compromise Severity (1-10):4 SuSE default package: no Cross References: CAN-2003-0025 Content of this advisory: 1) security vulnerability resolved: several bugs after source code review problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - vnc - w3m 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information Hypermail is a tool to convert a Unix mail-box file to a set of cross- referenced HTML documents. During an internal source code review done by Thomas Biege several bugs where found in hypermail and its tools. These bugs allow remote code execution, local tmp race conditions, denial-of-service conditions and read access to files belonging to the host hypermail is running on. Additionally the mail CGI program can be abused by spammers as email- relay and should thus be disabled. There is no temporary fix known other then disabling hypermail. Please download and install the new packages from our FTP servers. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Intel i386 Platform: SuSE-8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/hypermail-2.1.4-58.i586.rpm a4b683703b65cb65d0d1b246c2bf652d patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/hypermail-2.1.4-58.i586.patch.rpm 9e087a97c250c8987dda03da43e0dd1e source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/hypermail-2.1.4-58.src.rpm 9d95d9872a3ed98a4dbff25e952335d7 SuSE-8.0: ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap4/hypermail-2.1.3-234.i386.rpm 53bdfc3ca1ab0c504f460ac7a18ba42e source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/hypermail-2.1.3-234.src.rpm be0df42b666fc59e38babd671479d2f1 SuSE-7.3: ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap2/hypermail-2.1.2-141.i386.rpm 81194dcbb3cf149f67eac9948dd79db9 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/hypermail-2.1.2-141.src.rpm 9a02ce79e81bab281c418070fa91dbde SuSE-7.2: ftp://ftp.suse.com/pub/suse/i386/update/7.2/ap2/hypermail-2.1.0-91.i386.rpm d61f52df6c995b65e16a4141b1b7efa1 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/hypermail-2.1.0-91.src.rpm 66b65eed8f2daefde8115abf77511bba SuSE-7.1: ftp://ftp.suse.com/pub/suse/i386/update/7.1/ap2/hypermail-2.0b29-59.i386.rpm 698338c7d9b8961ec3d4f4ab99ee2436 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/hypermail-2.0b29-59.src.rpm 8db31cd4981ee84a0333ec8200443bef Sparc Platform: SuSE-7.3: ftp://ftp.suse.com/pub/suse/sparc/update/7.3/ap2/hypermail-2.1.2-40.sparc.rpm 341757885457f2e4b018dbb132f1a8f8 source rpm(s): ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/hypermail-2.1.2-40.src.rpm cdc92a18900996524768914c79bf20d9 AXP Alpha Platform: SuSE-7.1: ftp://ftp.suse.com/pub/suse/axp/update/7.1/ap2/hypermail-2.0b29-37.alpha.rpm 980f217c12affcb3c0a6d0fd916a5115 source rpm(s): ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/hypermail-2.0b29-37.src.rpm a2242ecc8ba2a13c3d18ca94e6ba23f0 PPC Power PC Platform: SuSE-7.3: ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap2/hypermail-2.1.2-98.ppc.rpm 6c7a197fe18a95b7594b2cd7b572837a source rpm(s): ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/hypermail-2.1.2-98.src.rpm e370de5432545f06731c9f841bc84054 SuSE-7.1: ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap2/hypermail-2.0b29-38.ppc.rpm 64b3be05678f4789985824e31f8335d2 source rpm(s): ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/hypermail-2.0b29-38.src.rpm 4cd2b65522738594d0b60333f807b8b2 __ 2) Pending vulnerabilities in SuSE Distributions and Workarounds: - vnc
[Full-Disclosure] SuSE Security Announcement: libpng (SuSE-SA:2003:0004)
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: 2.6.3i Charset: noconv iQEVAwUBPiPjeXey5gA9JdPZAQGK+Af/SCjy0WTKU6FxDM8fb46GlmwCiGUcNkpK oxbNvQ09DaAhmUG7vAvWSSmWQpE1s6UTBbD0Klcg0eHzYtKWQJBqVyAgcNvC9SkL FjCEbblh8iIwnB9q4P/2FDgdCljvu2QhnuZDFXK6D/j1Ap2kUWIqBqL5nsEyGLM/ A9MhaEBTf8bDhMapHyVgrasqrOHVFfFe+qNcRMWKRHALr2eGaBnJZA8v5e7DexNZ 3bcmA6tN4pxfq9kLNgGfzEsAQqbkzErvtcC6uteDbz+oDdP1h7QxDo4u1tV3HH7g QzG7ZNysZFq3spCRJx47cBA8T34z5DS04lSDu05cyy2ky2LX8IE7Rw== =McXt -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83 -- Over thinking, Over analyzing, seperates the body from the mind. - Maynard James Keenan ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: fetchmail (SuSE-SA:2003:001)
-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:fetchmail Announcement-ID:SuSE-SA:2003:001 Date: Thursday, Jan 2nd 2003 09:30 MEST Affected products: 7.1, 7.2, 7.3, 8.0, 8.1 SuSE eMail Server 3.1 SuSE eMail Server III SuSE Firewall Adminhost VPN SuSE Linux Admin-CD for Firewall SuSE Firewall on CD 2 - VPN SuSE Firewall on CD 2 SuSE Linux Connectivity Server SuSE Linux Enterprise Server 7 SuSE Linux Enterprise Server 8 SuSE Linux Office Server UnitedLinux 1.0 Vulnerability Type: remote compromise Severity (1-10):4 SuSE default package: yes Cross References: CAN-2002-1365 Content of this advisory: 1) security vulnerability resolved: - heap buffer overflow while expanding email addresses problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - none 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information fetchmail is used to download emails from POP-, IMAP-, ETRN- or ODMR- servers. Stefan Esser of e-matters reported a bug in fetchmail's mail address expanding code which can lead to remote system compromise. When fetchmail expands email addresses in mail headers it doesn not allocated enough memory. An attacker can send a malicious formatted mail header to exhaust the memory allocated by fetchmail to overwrite parts of the heap. This can be exploited to execute arbitrary code. There is no temporary fix known. Please install the new packages from our FTP servers. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Intel i386 Platform: SuSE-8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/fetchmail-5.9.13-54.i586.rpm 9a8a8d20e57dd5552fc35c1d17d8f5b2 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/fetchmail-5.9.13-54.i586.patch.rpm 9bfc1e8511d3be0da42cc32b06ffef47 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/fetchmail-5.9.13-54.src.rpm 8e1310dfe46748320b1c92813a1e9294 SuSE-8.0: ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/fetchmail-5.9.0-279.i386.rpm 3be7d683cabd44a5f83b1c0f50a1b1e9 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/fetchmail-5.9.0-279.i386.patch.rpm 38c7c2cca1db2e524b1e4f29ef1e8606 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/fetchmail-5.9.0-279.src.rpm d63b65fa7ddba8f93ffc47fa3fc84fe4 SuSE-7.3: ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/fetchmail-5.9.0-280.i386.rpm 32e4614b5cdf6afea748036e70d80bab source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/fetchmail-5.9.0-280.src.rpm 299b9512dbe87c8e16f14d28288115d3 SuSE-7.2: ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/fetchmail-5.8.0-78.i386.rpm f3267936cae7fc659007291ac15f42b4 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/fetchmail-5.8.0-78.src.rpm 318d9781b715741cc9d27b102544d30a SuSE-7.1: ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/fetchmail-5.6.5-40.i386.rpm 311076babc7c2a75b13f24a446327ced source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/fetchmail-5.6.5-40.src.rpm 55c64a56f10aa2904955188b1a40a34a Sparc Platform: SuSE-7.3: ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/fetchmail-5.9.0-66.sparc.rpm 5a2abaab7029167944512b8aab306770 source rpm(s): ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/fetchmail-5.9.0-66.src.rpm 95725d5f8aa677641ea1b041222ed8be AXP Alpha Platform: SuSE-7.1: ftp://ftp.suse.com/pub/suse/axp/update/7.1/n1/fetchmail-5.6.5-30.alpha.rpm ad4833f9e2a4e6bf31336f2dc363d3e1 source rpm(s): ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/fetchmail-5.6.5-30.src.rpm ac786b49dcbf71357b4894c0b4fd4b55 PPC Power PC Platform:
[Full-Disclosure] SuSE Security Announcement: cups (SuSE-SA:2003:002)
-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:cups Announcement-ID:SuSE-SA:2003:002 Date: Thursday, Jan 2nd 2003 09:30 MEST Affected products: 7.1, 7.2, 7.3, 8.0, 8.1 SuSE Linux Enterprise Server 8 UnitedLinux 1.0 Vulnerability Type: local and remote privilege escalation Severity (1-10):7 SuSE default package: since 8.1: yes prior 8.1: no Cross References: CAN-2002-1366 CAN-2002-1367 CAN-2002-1368 CAN-2002-1369 CAN-2002-1371 CAN-2002-1372 CAN-2002-1383 CAN-2002-1384 Content of this advisory: 1) security vulnerability resolved: several bugs problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds: - none 3) standard appendix (further information) __ 1) problem description, brief discussion, solution, upgrade information CUPS is a well known and widely used printing system for unix-like systems. iDFENSE reported several security issues with CUPS that can lead to local and remote root compromise. The following list includes all vulnerabilities: - integer overflow in HTTP interface to gain remote access with CUPS privileges - local file race condition to gain root (bug mentioned above has to be exploited first) - remotely add printers - remote denial-of-service attack due to negative length in memcpy() call - integer overflow in image handling code to gain higher privileges - gain local root due to buffer overflow of 'options' buffer - design problem to gain local root (needs added printer, see above) - wrong handling of zero width images can be abused to gain higher privileges - file descriptor leak and denial-of-service due to missing checks of return values of file/socket operations Since SuSE 8.1 CUPS is the default printing system. As a temporary workaround CUPS can be disabled and an alternative printing system like LPRng can be installed instead. New CUPS packages are available on our FTP servers. Please, install them to fix your system. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command rpm -Fhv file.rpm to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Intel i386 Platform: SuSE-8.1: ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-1.1.15-69.i586.rpm 2531f8cf2c7ffbc45f5bdabbad31b312 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-1.1.15-69.i586.patch.rpm 048c97ac172f3a838bb3e4789250cd56 ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-libs-1.1.15-69.i586.rpm 3daffc6cac8a067c2a8b52768ada25a0 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-libs-1.1.15-69.i586.patch.rpm 74045133ea1780aa311dab78af0ea7a5 ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-client-1.1.15-69.i586.rpm 593fedd856a9568147f76e70cdd32b94 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-client-1.1.15-69.i586.patch.rpm 9a67ef7fd0162283d662581866a68263 source rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/cups-1.1.15-69.src.rpm cad9236a0f71d1ad263c4c79e6d4337f SuSE-8.0: ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/cups-1.1.12-90.i386.rpm 9d1d9c3cc395e6355da6f8f1b9ccee5c patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/cups-1.1.12-90.i386.patch.rpm b17bfb78daac61a05c92e938e2d89463 ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/cups-libs-1.1.12-90.i386.rpm 9ec263cb51c223798818509f50246ec9 patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/cups-libs-1.1.12-90.i386.patch.rpm a59edfa5ba38116ccd4c264863c4bbf8 ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/cups-client-1.1.12-90.i386.rpm fef9316839a2747111201b5e035295ad patch rpm(s): ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/cups-client-1.1.12-90.i386.patch.rpm 80525203e712a959badab348d07f81a9 source rpm(s):
[Full-Disclosure] SuSE Security Announcement: pine (SuSE-SA:2002:046)
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: 2.6.3i Charset: noconv iQEVAwUBPeIANHey5gA9JdPZAQHKlwf9EPQPcv2iqlHKQPGMeVqgKUsvA/psvxPF JHfwcZe64VvyL8o3Q/ERp2gWhBhfqI/yELMW+2nnILXEwPntZwL1P2/+BewecUFm XhOsKSdKQdaw77qyhJL+RAMf83nhZS5xRv5ckPfTgLAIIiigonQPCwq/8j5ciGmi XsEnr/aQKlaULqEEaUMyNvBuE155jIX4EDgK5WqrbJWhFuVdR4M5RqstGQx7OQ3U qltnex/G1BJ4eZPA33PW0BQEGgGFdlGHjcf6IB2A0ZTVqtUTI/F2SaFFJHBpeXBp Q+YLq/Tp0SNCGj9M5a0JN1qY1yGJxIvVscWv4Ta1z09kSBcgrDR8Ww== =ltD3 -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83 -- Over thinking, Over analyzing, seperates the body from the mind. - Maynard James Keenan ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: hylafax (SuSE-SA:2002:035)
/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: 2.6.3in Charset: noconv iQEVAwUBPZ2QC3ey5gA9JdPZAQES0gf/Un5d3SHgL+xDlFaseqLg6t7NHa1d4KRw ZM8eqLE+ClFpfq+o/Rf97DqAaQZYrvUYzleOUUcvci2BLevCFMbqBsRxBc0FvU7G lvxgJkjslnlBxjAgkvXp/DmEcYN3sVH/4f8eLtq+cUb4AwU01elI7mThE6l3n6P6 Xq2q4NdWnw1RAXmsgfjNkRuX5gNUgULRUYFFlQF/ycKleoml/DQCH7dBet9tBQQP jem58hBq2cnQmTG2GyFFs0fsb81PCfxk0LrrxveKoMHR/cgH/y2sOBCu01bEzBBe HhpZPhgOcO1CxijXuEufaPbufXN5d/L2gHJpQK54L7Oc6n8zsDLXmg== =7yxm -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83 -- Cold silence has a tendency to atrophy any sense of compassion - Maynard James Keenan ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] SuSE Security Announcement: mod_php4 (SuSE-SA:2002:036)
+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -END PGP PUBLIC KEY BLOCK- -BEGIN PGP SIGNATURE- Version: 2.6.3in Charset: noconv iQEVAwUBPaFTRHey5gA9JdPZAQEU5wf9E3Kq7go9IuRddxJBsQHQnz5KLdiOofla MR5gO0EziakIO47L3U5XnuRQowjuTQ6ADdVSzyI1T3rqZqhF2lVMed2dMqHes6ge tRCyi1XTJG99UUDG8FuKmCKMepxmwqhM5zK85h/P4wK/0g/6MaxipkLcuDA8EXkk ikxvKbXA2wdc2aEruRHZRIOmEL/yqSpqZRSY8qSEIxhnKF8DWLN3ZBwyIaFIfCgH UL8Td51OfajydtAMSfF8IdrrrYS8RKO8UycgoEq/z5U1U4GpdEBy5mS0ure0NNGY 9lxFyn66lgE+eJ0V3v1BiSWyGvZBTlQeuATMsK+n7vMqNBM0st8zSw== =lMYP -END PGP SIGNATURE- Bye, Thomas -- Thomas Biege [EMAIL PROTECTED] SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support Auditing lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83 -- Cold silence has a tendency to atrophy any sense of compassion - Maynard James Keenan ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html