Debian: DSA-009-1 Moderate: Stunnel Insecure File Handling Exploits
debian
December 24, 2000
Lez discovered a format string problem in stunnel
Summary
Package : stunnel
Problem type : insecure file handling, format string bug
Debian-specific: no
Lez discovered a format string problem in stunnel (a tool to create
Universal SSL tunnel for other network daemons). Brian Hatch
responded by stating he was already preparing a new release with
multiple security fixes:
1. the PRNG (pseudo-random generated) was not seeded correctly.
This only affects operation on operating systems without a
secure random generator (like Linux)
2. Pid files were not created securely, making stunnel vulnerable
to a symlink attack
3. There was an insecure syslog() call which could be exploited if
the user could manage to insert text into the logged text. At
least one way to exploit this using faked identd responses was
demonstrated by Lez.
These problems have been fixed in version 3.10-0potato1.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.2 alias potato
Potato was released fo...
PREVIOUS
NEXT
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!