SuSE: cyrus-sasl' Possible local/remote privilege escalation

    Date23 Nov 2001
    CategorySuSE
    2366
    Posted ByLinuxSecurity Advisories
    A format bug was found in one of the logging functions, that could be used by an attacker to gain access to a machine or to acquire higher privileges.
    
    ______________________________________________________________________________
    
                            SuSE Security Announcement
    
            Package:                cyrus-sasl
            Announcement-ID:        SuSE-SA:2001:042
            Date:                   Friday, Nov 23th, 2001 12.00 MET
            Affected SuSE versions: 7.0, 7.1, 7.2, 7.3
            Vulnerability Type:     possible local/remote privilege escalation
            Severity (1-10):        4
            SuSE default package:   no
            Other affected systems: all linux-like systems using this version
                                    of cyrus-sasl
    
            Content of this advisory:
            1) security vulnerability resolved: cyrus-sasl
               problem description, discussion, solution and upgrade information
            2) pending vulnerabilities, solutions, workarounds
            3) standard appendix (further information)
    
    ______________________________________________________________________________
    
    1)  problem description, brief discussion, solution, upgrade information
    
        The Cyrus SASL library provides an authentication API for mail clients
        and servers.
        A format bug was found in one of the logging functions, that could be
        used by an attacker to gain access to a machine or to acquire higher
        privileges.
    
        There is no known temporary fix, so please update your system with
        the new RPMs from our FTP server.
    
        Download the update package from locations described below and install
        the package with the command:
            rpm -Uhv file.rpm
        The md5sum for each file is in the line below. You can verify the
        integrity of the rpm files using the command:
            rpm --checksig --nogpg file.rpm
        independently from the md5 signatures below.
    
    
    
    
        i386 Intel Platform:
    
        SuSE-7.3
         ftp://ftp.suse.com/pub/suse/i386/update/7.3/sec1/cyrus-sasl-1.5.24-157.i386.rpm
          e45171d1a76c91a0bfa3d086d9d599e5
         ftp://ftp.suse.com/pub/suse/i386/update/7.3/sec2/cyrus-sasl-devel-1.5.24-157.i386.rpm
          b03e76641050495d4ec44ac0d9f95e40
         ftp://ftp.suse.com/pub/suse/i386/update/7.3/sec2/cyrus-sasl-gssapi-1.5.24-157.i386.rpm
          acad2f6e40fd4de5d8729b24f1cb982d
        source rpm:
         ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/cyrus-sasl-1.5.24-157.src.rpm
          b33d52a12efd4222b5f1886ff3b50eb8
    
        SuSE-7.2
         ftp://ftp.suse.com/pub/suse/i386/update/7.2/sec1/cyrus-sasl-1.5.24-158.i386.rpm
          b6c6eacbb748b10077273e17c4530d70
         ftp://ftp.suse.com/pub/suse/i386/update/7.2/sec2/cyrus-sasl-devel-1.5.24-158.i386.rpm
          6bc208c1626367b5dce2637c533d46a4
         ftp://ftp.suse.com/pub/suse/i386/update/7.2/sec2/cyrus-sasl-gssapi-1.5.24-158.i386.rpm
          fed016e9eeb13fe2d1d8b43d5a7eb2a2
        source rpm:
         ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/cyrus-sasl-1.5.24-158.src.rpm
          6dd7b8b037f12a8a5adef3abbb45f107
    
        SuSE-7.1
         ftp://ftp.suse.com/pub/suse/i386/update/7.1/sec1/cyrus-sasl-1.5.24-157.i386.rpm
          5ae7eb3805130a03d8f27f89b1cee7b9
        source rpm:
         ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/cyrus-sasl-1.5.24-157.src.rpm
          7b54ce2a549ab26a4cc7af2317c31114
    
        SuSE-7.0
         ftp://ftp.suse.com/pub/suse/i386/update/7.0/zima1/sasl-1.5.21-79.i386.rpm
          f9d4b6cd6fa27028fba8da6e50368b11
        source rpm:
         ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/sasl-1.5.21-79.src.rpm
          8edbdbd49ad826da014a60cbe0ecd4fb
    
    
    
        Sparc Platform:
    
        SuSE-7.1
         ftp://ftp.suse.com/pub/suse/sparc/update/7.1/sec1/cyrus-sasl-1.5.24-70.sparc.rpm
          464d4d9ab8a46e104039e8811e3f4651
        source rpm:
         ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/cyrus-sasl-1.5.24-70.src.rpm
          753b3e27311760372e7da9f52de3dcbf
    
        SuSE-7.0
         ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zima1/sasl-1.5.21-30.sparc.rpm
          01b229e0fb42f48c24fef34462dbccbb
        source rpm:
         ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/sasl-1.5.21-30.src.rpm
          df8d848c7998f3675fbb4755bd83a742
    
    
    
    
        AXP Alpha Platform:
    
        SuSE-7.1
         ftp://ftp.suse.com/pub/suse/axp/update/7.1/sec1/cyrus-sasl-1.5.24-62.alpha.rpm
          ea80bba65ae8cf22ea587e38aae7a2ee
        source rpm:
         ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/cyrus-sasl-1.5.24-62.src.rpm
          b363227f99290c7866e5ac4fc7f7b6dc
    
        SuSE-7.0
         ftp://ftp.suse.com/pub/suse/axp/update/7.0/zima1/sasl-1.5.21-82.alpha.rpm
          22a48ae6c7963df620a76e22899888e5
        source rpm:
         ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/sasl-1.5.21-82.src.rpm
          c39df74ca8900ac203360151f6e25d6b
    
    
    
    
        PPC Power PC Platform:
    
        SuSE-7.3
         ftp://ftp.suse.com/pub/suse/ppc/update/7.3/sec1/cyrus-sasl-1.5.24-92.ppc.rpm
          baddf572ea5dd550ffe952ec19315bef
         ftp://ftp.suse.com/pub/suse/ppc/update/7.3/sec2/cyrus-sasl-devel-1.5.24-92.ppc.rpm
          4fce4a7aaf74f3b42538916a14abaea0
         ftp://ftp.suse.com/pub/suse/ppc/update/7.3/sec2/cyrus-sasl-gssapi-1.5.24-92.ppc.rpm
          fb4fe578f47d2f4b7abc697301330aef
        source rpm:
         ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/cyrus-sasl-1.5.24-92.src.rpm
          94a5288432b1957a6c3b8676049e1199
    
        SuSE-7.1
         ftp://ftp.suse.com/pub/suse/ppc/update/7.1/sec1/cyrus-sasl-1.5.24-92.ppc.rpm
          8b5245304196e6b935c420394e14ae18
        source rpm:
         ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/cyrus-sasl-1.5.24-92.src.rpm
          10a5d72a03041fafb06d97d2730eb054
    
        SuSE-7.0
         ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zima1/sasl-1.5.21-30.ppc.rpm
          ff3cdc2a4bd110632a8e9aa06794f3ec
        source rpm:
         ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/sasl-1.5.21-30.src.rpm
          aeedefa1eb86cca0cb7d80e3fc0f76f9
    
    
    
    ______________________________________________________________________________
    
    2)  Pending vulnerabilities in SuSE Distributions and Workarounds:
    
        - openssh
          After stabilizing the openssh package, updates for the distributions
          6.4-7.2 are currently being prepared. The update packages fix a security
          problem related to the recently discovered problems with source ip
          based access restrictions in a user's ~/.ssh/authorized_keys2 file.
          The packages will appear shortly on our ftp servers. Please note that
          packages for the distributions 6.3 and up including 7.0 containing
          cryptographic software are located on the German ftp server ftp.suse.de,
          all other packages can be found on ftp.suse.com at the usual location.
          We will issue a dedicated Security announcement for the openssh package.
    
        - The ziptool program runs setuid root in the easy permission mode and
          contains an overflow which allows local attackers to gain root
          privileges. A zipdrive must be configured and a zipdisk being inserted
          in order to exploit the bug. The overflow has been fixed. Please update
          your packages.
    
        - The ncpfs package containing the setuid root programs ncpmount and
          ncpumount was vulnerable to local bufferoverflow attacks. The package
          has been fixed.
    
    ______________________________________________________________________________
    
    3)  standard appendix:
    
        SuSE runs two security mailing lists to which any interested party may
        subscribe:
    
        This email address is being protected from spambots. You need JavaScript enabled to view it.
            -   general/linux/SuSE security discussion.
                All SuSE security announcements are sent to this list.
                To subscribe, send an email to
                    <This email address is being protected from spambots. You need JavaScript enabled to view it.>.
    
        This email address is being protected from spambots. You need JavaScript enabled to view it.
            -   SuSE's announce-only mailing list.
                Only SuSE's security annoucements are sent to this list.
                To subscribe, send an email to
                    <This email address is being protected from spambots. You need JavaScript enabled to view it.>.
    
        For general information or the frequently asked questions (faq)
        send mail to:
            <This email address is being protected from spambots. You need JavaScript enabled to view it.> or
            <This email address is being protected from spambots. You need JavaScript enabled to view it.> respectively.
    
        ===============================================
        SuSE's security contact is <This email address is being protected from spambots. You need JavaScript enabled to view it.>.
        ===============================================
    
    ______________________________________________________________________________
    
        The information in this advisory may be distributed or reproduced,
        provided that the advisory is not modified in any way.
        SuSE GmbH makes no warranties of any kind whatsoever with respect
        to the information contained in this security advisory.
    
    
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"25","type":"x","order":"1","pct":54.35,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":10.87,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"16","type":"x","order":"3","pct":34.78,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.