Debian: New hylafax packages fix arbitrary command execution

    Date: 27 Jan 2006
    Category: Debian
    Posted By: Joe Shakespeare
    Patrice Fournier found that hylafax passes unsanitized user data in the notify script, allowing users with the ability to submit jobs to run arbitrary commands with the privileges of the hylafax server.
    --------------------------------------------------------------------------
    Debian Security Advisory DSA 933-1
    http://www.debian.org/security/                              Michael Stone
    January 9, 2006                         http://www.debian.org/security/faq
    --------------------------------------------------------------------------
    
    Package        : hylafax
    Vulnerability  : arbitrary command execution
    Problem-Type   : local
    Debian-specific: no
    CVE ID         : CVE-2005-3539
    
    Patrice Fournier found that hylafax passes unsanitized user data in the
    notify script, allowing users with the ability to submit jobs to run
    arbitrary commands with the privileges of the hylafax server.
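The bug class the advisory describes, as an added illustration that is not HylaFAX's notify script: a notification helper receives a field that the job submitter controls and hands it to another program. The delivery program and the address policy are stand-ins assumed for this example.

```shell
#!/bin/sh
# Constructed illustration of the bug class behind DSA 933-1, not HylaFAX
# code: a job-notification helper receives a field chosen by the user who
# submitted the fax job (here the notification address) and passes it on.

# Stand-in for the delivery program: prints each argument on its own line
# so it is visible exactly what reached it as separate arguments.
deliver() {
    for a in "$@"; do printf '<%s>\n' "$a"; done
}

# Vulnerable shape: the command line is assembled as a string and re-parsed
# by the shell, so shell metacharacters in the job field become syntax and
# run with the privileges of the process that runs this script.
notify_unsafe() {
    eval "deliver -s 'fax job done' $1"
}

# Hardened shape: the field is checked against an allow-list of address
# characters (hypothetical policy for this example) and then handed over as
# one quoted argument, so it only ever reaches the program as data.
notify_safe() {
    addr=$1
    case $addr in
        *[!A-Za-z0-9._%+@-]*|'')
            printf 'notify: rejected address %s\n' "$addr" >&2
            return 1 ;;
    esac
    deliver -s 'fax job done' "$addr"
}

# Demonstration on constructed input.
notify_safe 'user@example.org'
notify_safe 'user@example.org; id' || echo 'metacharacters rejected'
```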
    
    For the old stable distribution (woody) this problem has been fixed in
    version 4.1.1-4woody1.
    
    For the stable distribution (sarge) this problem has been fixed in
    version 4.2.1-5sarge3.
    
    For the unstable distribution the problem has been fixed in version
    4.2.4-2.
    
    We recommend that you upgrade your hylafax package.
    
    
    Upgrade Instructions
    --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    --------------------------------
    
    Debian GNU/Linux 3.1 alias sarge
    --------------------------------
      These files will probably be moved into the stable distribution on
      its next update.
    
    ---------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    