From dzimi at pld.org.pl Fri Nov 29 23:02:54 2002 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:10 2005 Subject: [PLDSA 1-1] New pine packages fix remote denial of service Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 1-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 29 November 2002 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : pine prior to 4.44L-14 Vulnerability : denial of service Problem-Type : remote PLD-specific : no Upstream URL : http://www.washington.edu/pine/ An attacker can send a fully legal email message with a crafted From-header and thus forcing pine to core dump on startup. The only way to launch pine is manually removing the bad message either directly from the spool, or from another MUA. Until the message has been removed or edited there is no way of accessing the INBOX using pine. When pine detects an email with a From-header looking like From: "\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\""@host.fubar it will die with a segmentation fault. Note that the address is fully legal, even if quite unusable. Since pine dumped core it might be possible to execute code on the victims machine. The above problems have been fixed in version 4.50L-1 for the current stable distribution (ra). We recommend that you upgrade your pine packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'pine*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'pine*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/pine-4.50L-1.src.rpm MD5 checksum: 196cf67117f8875f74e806b350d6a9f1 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/pine-4.50L-1.i386.rpm MD5 checksum: b7c34c8a309273b7e7abf785365e7b0d I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/pine-4.50L-1.i586.rpm MD5 checksum: ccf92a843f1c103abb68f425b5458a82 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/pine-4.50L-1.i686.rpm MD5 checksum: bf2dce29f0aa6c08d2b937f21d27600a PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/pine-4.50L-1.ppc.rpm MD5 checksum: 2a3525950c49f0f70a8f2584552af5db - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security