Category:   Application (E-mail Server)  >   Fetchmail Vendors:   Raymond, Eric S.
(Caldera Issues Fix) Fetchmail Can Be Crashed By Remote Users Sending E-Mail With Certain Header Contents
SecurityTracker Alert ID:  1001844
SecurityTracker URL:  http://securitytracker.com/id/1001844
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Jun 27 2001
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5.6.8-2 for Null crash; 5.7.1-2 for SPAM crash; possibly others
Description:   A vulnerability has been reported in the Fetchmail remote mail retrieval software. A remote user can send an e-mail with a long "To:" header that will cause Fetchmail to crash.

Fetchmail reportedly contains a buffer overflow in the handling of headers. It may be possible to exploit this overflow to execute arbitrary code with the privileges of the fetchmail daemon, but this was not confirmed.

If a remote user sends e-mail with a large "To:" line (greater than 25000 characters), Fetchmail will crash with a segmentation fault.

Impact:   A remote user can cause the Fetchmail daemon to crash.
Solution:   The vendor has released a fix. See the Source Message for the vendor's advisory containing directions on how to obtain the appropriate fix.
Vendor URL:  www.tuxedo.org/~esr/fetchmail/
Cause:   Boundary error
Underlying OS:  Linux (Caldera/SCO)

Message History:   This archive entry is a follow-up to the message listed below.
Jun 15 2001 Fetchmail Can Be Crashed By Remote Users Sending E-Mail With Certain Header Contents



 Source Message Contents

Subject:  Security Update: [CSSA-2001-022.1] buffer overflow in fetchmail



______________________________________________________________________________
                   Caldera International, Inc.  Security Advisory

Subject:                buffer overflow in fetchmail
Advisory number:        CSSA-2001-022.1
Issue date:             2001 June, 22
Cross reference:        CSSA-2001-022.0
______________________________________________________________________________


1. Problem Description

   In previous versions of fetchmail, there were buffer overflows
   when handling mail messages with very long header fields.

   This hole could theoretically be exploited remotely by sending
   messages with such headers.
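The bug class behind this advisory (an over-long "To:" line copied into a fixed-size buffer with no length check, the "boundary error" named above) shown next to its hardened counterpart, as an added illustration that is not fetchmail's code: the buffer size, the function names and the constructed sample line are assumptions made for this example.

```c
#include <stdlib.h>
#include <string.h>

/* Fixed-size buffer for one header line; the size is illustrative, not fetchmail's. */
#define HDR_MAX 256

/* The unsafe idiom behind the advisory's "boundary error": the line is copied
 * without checking that it fits, so a "To:" line longer than the buffer
 * overruns adjacent memory. Shown for contrast only; never used on long input. */
static void header_copy_unsafe(char dst[HDR_MAX], const char *line)
{
    strcpy(dst, line);
}

/* Hardened form: check the length first and reject over-long lines.
 * Returns 0 on success, -1 if the line would not fit (dst is left empty so
 * callers never see a partial header). */
static int header_copy_safe(char dst[HDR_MAX], const char *line)
{
    size_t n = strlen(line);
    if (n >= HDR_MAX) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, line, n + 1);
    return 0;
}

/* Constructed sample input: a "To:" line padded with `len` filler bytes. */
static char *make_to_line(size_t len)
{
    char *s = malloc(len + 5);
    if (s == NULL) return NULL;
    memcpy(s, "To: ", 4);
    memset(s + 4, 'a', len);
    s[len + 4] = '\0';
    return s;
}

/* Returns 1 if the safe path rejects a To: line with `len` filler bytes,
 * 0 if it accepts it, -1 on allocation failure. */
static int long_header_rejected(size_t len)
{
    char buf[HDR_MAX];
    char *line = make_to_line(len);
    if (line == NULL) return -1;
    int rc = header_copy_safe(buf, line);
    free(line);
    return rc == -1;
}
```

A 25000-character line of the kind the alert describes is rejected before any copy happens; a deployment that prefers truncation over rejection would replace the early return with a bounded copy of HDR_MAX - 1 bytes and a terminating NUL.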

2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux 2.3                All packages previous to
                                fetchmail-5.0.4-1

   OpenLinux eServer 2.3.1      All packages previous to
   and OpenLinux eBuilder       fetchmail-5.0.4-1

   OpenLinux eDesktop 2.4       All packages previous to
                                fetchmail-5.2.0-2

   OpenLinux 3.1 Server         All packages previous to
                                fetchmail-5.4.0-5a

   OpenLinux 3.1 Workstation    All packages previous to
                                fetchmail-5.4.0-5a

3. Solution

   Workaround

      none

   The proper solution is to upgrade to the latest packages.

4. OpenLinux 2.3

   4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/SRPMS
   
   4.2 Verification

       62bbe7566a6eea7df05542c41f8024a9  RPMS/fetchmail-5.0.4-1.i386.rpm
       05f3db8ec0bb7178d123af4e9761eee5  SRPMS/fetchmail-5.0.4-1.src.rpm

   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

          rpm -Fhv fetchmail*.i386.rpm

5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0

   5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/SRPMS

   5.2 Verification

       bf8ed2912bdd5a0c6f5e5d50db552c29  RPMS/fetchmail-5.0.4-1.i386.rpm
       05f3db8ec0bb7178d123af4e9761eee5  SRPMS/fetchmail-5.0.4-1.src.rpm

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

          rpm -Fvh fetchmail*i386.rpm

6. OpenLinux eDesktop 2.4

   6.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/SRPMS

   6.2 Verification

       2d278844840df47146795ae11e638493  RPMS/fetchmail-5.2.0-2.i386.rpm
       85c4c3f805db47041681665f8beb3986  SRPMS/fetchmail-5.2.0-2.src.rpm

   6.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

           rpm -Fvh fetchmail*i386.rpm

7. OpenLinux 3.1 Server

   7.1 Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

   ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/

   The corresponding source code package can be found at:

   ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS

   7.2 Verification

       d869c5bdc83bd5bd28624def44fde168  RPMS/fetchmail-5.4.0-5a.i386.rpm
       6ee33ac553e4e68e8193bf3c858d1411  RPMS/fetchmailconf-5.4.0-5a.i386.rpm
       f93919dc140aad6f1b4e6c256d1c81e0  SRPMS/fetchmail-5.4.0-5a.src.rpm

   7.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

           rpm -Fvh fetchmail*i386.rpm

       or start kcupdate, the Caldera OpenLinux Update Manager.

8. OpenLinux 3.1 Workstation

   8.1 Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

   ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS/

   The corresponding source code package can be found at:

   ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS

   8.2 Verification

       d869c5bdc83bd5bd28624def44fde168  RPMS/fetchmail-5.4.0-5a.i386.rpm
       6ee33ac553e4e68e8193bf3c858d1411  RPMS/fetchmailconf-5.4.0-5a.i386.rpm
       f93919dc140aad6f1b4e6c256d1c81e0  SRPMS/fetchmail-5.4.0-5a.src.rpm

   8.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

           rpm -Fvh fetchmail*i386.rpm

       or start kcupdate, the Caldera OpenLinux Update Manager.

9. References

   This and other Caldera security resources are located at:

   http://www.caldera.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 10115.

10. Disclaimer

   Caldera International, Inc. is not responsible for the misuse of
   any of the information we provide on this website and/or through our
   security advisories. Our advisories are a service to our customers
   intended to promote secure installation and use of Caldera OpenLinux.
______________________________________________________________________________