漏洞信息详情
Eric S. Raymond Fetchmail Multidrop模式EMAIL头解析堆缓冲区溢出漏洞
- CNNVD编号:CNNVD-200210-261
- 危害等级: 高危
- CVE编号: CVE-2002-1174
- 漏洞类型: 缓冲区溢出
- 发布时间: 2002-10-11
- 威胁类型: 远程
- 更新时间: 2005-10-20
- 厂 商: fetchmail
- 漏洞来源: Stefan Esser※ s.es...
漏洞简介
Fetchmail是一款由Eric S. Raymond维护的免费开放源代码邮件客户端。 Fetchmail运行在multidrop模式下解析邮件头的代码存在问题,远程攻击者可以利用这个漏洞进行基于堆的缓冲区溢出,可能以Fetchmail进程在系统上执行任意指令。 Fetchmail运行在multidrop模式下,使用parse_received()函数解析邮件\"Received:\"字符时存在问题。这个函数把\"Received:\"数据拷贝到基于堆的缓冲区时没有进行任何大小检查,特殊构建的\"Received:\"头数据可以覆盖任意字节的堆缓冲区。精心构建\"Received:\"头数据可覆盖堆中的任意地址,利用free()/realloc()函数可以导致以Fetchmail进程的权限在系统上执行任意指令。
漏洞公告
厂商补丁: Conectiva --------- Conectiva已经为此发布了一个安全公告(CLA-2002:531)以及相应补丁:
CLA-2002:531:fetchmail
链接: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000531
补丁下载:
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/fetchmail-5.9.12-1U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/fetchmailconf-5.9.12-1U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/fetchmail-doc-5.9.12-1U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/fetchmail-5.9.12-1U60_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/fetchmail-5.9.12-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/fetchmailconf-5.9.12-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/fetchmail-doc-5.9.12-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/fetchmail-5.9.12-1U70_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/fetchmail-5.9.12-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/fetchmailconf-5.9.12-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/fetchmail-doc-5.9.12-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/fetchmail-5.9.12-1U80_2cl.src.rpm
Conectiva Linux version 6.0及以上版本的用户可以使用apt进行RPM包的更新:
- 把以下的文本行加入到/etc/apt/sources.list文件中:
rpm [cncbr] ftp://atualizacoes.conectiva.com.br 6.0/conectiva updates
(如果你不是使用6.0版本,用合适的版本号代替上面的6.0)
- 执行: apt-get update
- 更新以后,再执行: apt-get upgrade Debian ------ Debian已经为此发布了一个安全公告(DSA-171-1)以及相应补丁:
DSA-171-1:New fetchmail packages fix buffer overflows
链接: http://www.debian.org/security/2002/dsa-171
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.3.3-4.2.dsc
Size/MD5 checksum: 566 86a1178baa3487e805a33355ad3ae9ca
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.3.3-4.2.diff.gz
Size/MD5 checksum: 27775 0333f3e025e4b37abee2a64491f38eea
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.3.3.orig.tar.gz
Size/MD5 checksum: 755731 d2cffc4594ec2d36db6681b800f25e2a
Architecture independent components:
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmailconf_5.3.3-4.2_all.deb
Size/MD5 checksum: 63276 0b4940f3a569415e7c28dd96c38320cb
Alpha architecture:
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.3.3-4.2_alpha.deb
Size/MD5 checksum: 371634 1baca38aca2bf43437d56e10ed88a862
ARM architecture:
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.3.3-4.2_arm.deb
Size/MD5 checksum: 349456 44de8a9abf92435bbf5b964f3acc0fa6
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.3.3-4.2_i386.deb
Size/MD5 checksum: 319508 a6574ad75f79694b96f51b9773be623b
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.3.3-4.2_m68k.deb
Size/MD5 checksum: 315662 cfce75c2bf709837dfbc3dc6708abd81
PowerPC architecture:
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.3.3-4.2_powerpc.deb
Size/MD5 checksum: 350250 8129d3f2ce8d0c0bd2403266b48a6bde
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.3.3-4.2_sparc.deb
Size/MD5 checksum: 350714 2c12d41c04324b5df87238d46f80cb76
Debian GNU/Linux 3.0 alias woody
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.9.11-6.1.dsc
Size/MD5 checksum: 712 f10e451766beab56196f34798c7ba9db
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.9.11-6.1.diff.gz
Size/MD5 checksum: 300108 b9fa639e6a9582ac96d7ec4a495b0a3c
http://security.debian.org/pool/updates/main/f/fetchmail/fetchmail_5.9.11.orig.tar.gz
Size/MD5 checksum: 950273 fff00cbf7be1d01a17605fee23ac96dd
http://security.debian.org/pool/updates/main/f/fetchmail-ssl/fetchmail-ssl_5.9.11-6.1.dsc
Size/MD5 checksum: 707 43775de628a7fc825041f699c59a9578
http://security.debian.org/pool/updates/main/f/fetchmail-ssl/fetchmail-ssl_5.9.11-6.1.diff.gz
Size/MD5 checksum: 296194 e1e0e64a296b6f0454298fc1dedf808d
http://security.debian.org/pool/updates/main/f/fetchmail-ssl/fetchmail-ssl_5.9.11.orig.tar.gz
Size/MD5 checksum: 950273 fff00cbf7be1d01a17605fee23ac96dd
Architecture independent components:
参考网址
来源: MANDRAKE 名称: MDKSA-2002:063 链接:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-063.php 来源: DEBIAN 名称: DSA-171 链接:http://www.debian.org/security/2002/dsa-171 来源: BID 名称: 5827 链接:http://www.securityfocus.com/bid/5827 来源: BID 名称: 5825 链接:http://www.securityfocus.com/bid/5825 来源: ENGARDE 名称: ESA-20021003-023 链接:http://www.linuxsecurity.com/advisories/other_advisory-2402.HTML 来源: XF 名称: fetchmail-multidrop-bo(10203) 链接:http://www.iss.net/security_center/static/10203.php 来源: REDHAT 名称: RHSA-2002:215 链接:http://rhn.redhat.com/errata/RHSA-2002-215.HTML 来源: BUGTRAQ 名称: 20020929 Advisory 03/2002: Fetchmail remote vulnerabilities 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=103340148625187&w=2 来源: CONECTIVA 名称: CLA-2002:531 链接:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000531
受影响实体
- Fetchmail Fetchmail:5.3.1
- Fetchmail Fetchmail:5.5.2
- Fetchmail Fetchmail:4.5.8
- Fetchmail Fetchmail:5.5.0
- Fetchmail Fetchmail:4.6.9
补丁
暂无
评论