From please_reply_to_security@sco.com Thu Feb 19 20:18:03 2004 From: please_reply_to_security@sco.com To: announce@lists.caldera.com, bugtraq@securityfocus.com, full-disclosure@lists.netsys.com, security-alerts@linuxsecurity.com Date: Thu, 19 Feb 2004 15:04:51 -0800 (PST) Subject: OpenLinux: Fetchmail 6.2.4 and earlier remote dennial of service -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SCO Security Advisory Subject: OpenLinux: Fetchmail 6.2.4 and earlier remote dennial of service Advisory number: CSSA-2004-004.0 Issue date: 2004 February 19 Cross reference: sr886097 fz528427 erg712468 CAN-2003-0792 ______________________________________________________________________________ 1. Problem Description Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email. Fetchmail is a full-featured, robust, well-documented remote-mail retrieval and forwarding utility intended to be used over on- demand TCP/IP links (such as SLIP or PPP connections). It supports every remote-mail protocol now in use on the Internet: POP2, POP3, RPOP, APOP, KPOP, all flavors of IMAP, ETRN, and ODMR. It can even support IPv6 and IPSEC. Fetchmail retrieves mail from remote mail servers and forwards it via SMTP, so it can then be read by normal mail user agents such as mutt, elm(1) or BSD Mail. It allows all your system MTA's filtering, forwarding, and aliasing facilities to work just as they would on normal mail. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0792 to this issue. 2. Vulnerable Supported Versions System Package ---------------------------------------------------------------------- OpenLinux 3.1.1 Server prior to fetchmail-6.2.5-1.i386.rpm prior to fetchmailconf-6.2.5-1.i386.rpm OpenLinux 3.1.1 Workstation prior to fetchmail-6.2.5-1.i386.rpm prior to fetchmailconf-6.2.5-1.i386.rpm 3. Solution The proper solution is to install the latest packages. Many customers find it easier to use the Caldera System Updater, called cupdate (or kcupdate under the KDE environment), to update these packages rather than downloading and installing them by hand. 4. OpenLinux 3.1.1 Server 4.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-004.0/RPMS 4.2 Packages 60ded90624478cf42bbafdb3530b1431 fetchmail-6.2.5-1.i386.rpm b5812d5463a264a37dbeac6a3f3084f0 fetchmailconf-6.2.5-1.i386.rpm 4.3 Installation rpm -Fvh fetchmail-6.2.5-1.i386.rpm rpm -Fvh fetchmailconf-6.2.5-1.i386.rpm 4.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-004.0/SRPMS 4.5 Source Packages f7fea66f02c98436847aab205922a180 fetchmail-6.2.5-1.src.rpm 5. OpenLinux 3.1.1 Workstation 5.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-004.0/RPMS 5.2 Packages 195568e0570b8e0682d93b3d27a4d3de fetchmail-6.2.5-1.i386.rpm 7d81aed49392ce9df04ae4b421fd80e7 fetchmailconf-6.2.5-1.i386.rpm 5.3 Installation rpm -Fvh fetchmail-6.2.5-1.i386.rpm rpm -Fvh fetchmailconf-6.2.5-1.i386.rpm 5.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-004.0/SRPMS 5.5 Source Packages 3035d06b88de3840707e2e180304ee53 fetchmail-6.2.5-1.src.rpm 6. References Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0792 SCO security resources: http://www.sco.com/support/security/index.html This security fix closes SCO incidents sr886097 fz528427 erg712468. 7. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. 8. Acknowledgements SCO would like to thank Dave Jones and Mark Cox at Red Hat. ______________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (SCO/UNIX_SVR5) iD8DBQFANTycbluZssSXDTERAvRaAJ4m+WaovTwGUSZQgNYZBayCPJ/h0gCglk0s lm/Co3aOVRP2TnFXpasf5Oc= =odDf -----END PGP SIGNATURE-----