drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in fetchmail
Name: |
Pufferüberlauf in fetchmail |
|
ID: |
TLSA-2005-84 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux 7 Server, Turbolinux 7 Workstation, Turbolinux 8 Server, Turbolinux 8 Workstation, Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition |
|
Datum: |
Sa, 3. September 2005, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2335 |
|
Applikationen: |
Fetchmail |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2005-84 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 18 Aug 2005 Last revised: 18 Aug 2005
Package: fetchmail
Summary: Buffer overlow
More information: Fetchmail is a free, full-featured, robust, and well-documented remote mail retrieval and forwarding utility intended to be used over on-demand TCP/IP links (such as SLIP or PPP connections). The fetchmail allows remote attackers to cause a denial of service (crash) via certain UIDL responses.
Impact: The fetchmail allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses.
Affected Products: - Turbolinux Appliance Server 1.0 Hosting Edition - Turbolinux Appliance Server 1.0 Workgroup Edition - Turbolinux 10 Server - Turbolinux Home - Turbolinux 10 F... - Turbolinux 10 Desktop - Turbolinux Multimedia - Turbolinux Personal - Turbolinux 8 Server - Turbolinux 8 Workstation - Turbolinux 7 Server - Turbolinux 7 Workstation
Solution: Please use the turbopkg (zabom) tool to apply the update. --------------------------------------------- [Turbolinux 10 Server] # turbopkg or # zabom -u fetchmail
[Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal] # turbopkg or # zabom -u fetchmail fetchmailconf
[other] # turbopkg or # zabom update fetchmail fetchmailconf ---------------------------------------------
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages Size: MD5
fetchmail-6.2.5-5.src.rpm 1265887 05305063bb6843cdd21148e56f63b4a6
Binary Packages Size: MD5
fetchmail-6.2.5-5.i586.rpm 449899 b5bf24bc19d7b7b77deacf7a962d4a28
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages Size: MD5
fetchmail-6.2.5-5.src.rpm 1265887 993efaca4b273769b9c9bd1cd8e3b6fa
Binary Packages Size: MD5
fetchmail-6.2.5-5.i586.rpm 449028 dd292f80e338c7ee54a9feba3d862ffa
<Turbolinux 10 Server>
Source Packages Size: MD5
fetchmail-6.2.5-5.src.rpm 1265887 b21a889462e186e09ffdbbb758e33ef6
Binary Packages Size: MD5
fetchmail-6.2.5-5.i586.rpm 452050 ac40d83ea8221a27787c82dd1cd49fd0
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>
Source Packages Size: MD5
fetchmail-6.2.5-5.src.rpm 1265887 96f68ec0fac4b208740b7dd835932773
Binary Packages Size: MD5
fetchmail-6.2.5-5.i586.rpm 452783 c815191cfd5a36b0e72b982fb9680041 fetchmailconf-6.2.5-5.i586.rpm 26979 c41eaddc8bafa599179446ede946240c
<Turbolinux 8 Server>
Source Packages Size: MD5
fetchmail-6.2.5-5.src.rpm 1265887 1246bdf40730ddb19c4a7e1c46ac7799
Binary Packages Size: MD5
fetchmail-6.2.5-5.i586.rpm 449301 3a43f7f396aa85d24d63778239baef98 fetchmailconf-6.2.5-5.i586.rpm 26530 e4a57be42f8d253922d6455878e37336
<Turbolinux 8 Workstation>
Source Packages Size: MD5
fetchmail-6.2.5-5.src.rpm 1265887 7d225797b7c7f1147868d3e7b51b4422
Binary Packages Size: MD5
fetchmail-6.2.5-5.i586.rpm 449759 49c1a0f10274b55f4453ef6b251ffe74 fetchmailconf-6.2.5-5.i586.rpm 26543 cda6278bbe471a7edfbd5fdc411dcea4
<Turbolinux 7 Server>
Source Packages Size: MD5
fetchmail-6.2.5-5.src.rpm 1265887 1a369cf7625fe5e3ddad8e5521ba8d6b
Binary Packages Size: MD5
fetchmail-6.2.5-5.i586.rpm 446087 33e4901782ea9da55af442b19adb3d06 fetchmailconf-6.2.5-5.i586.rpm 26521 4697432d2f315e2a3933f75431e2c410
<Turbolinux 7 Workstation>
Source Packages Size: MD5
fetchmail-6.2.5-5.src.rpm 1265887 65772fc607c51f5ef07f04f91c5f5123
Binary Packages Size: MD5
fetchmail-6.2.5-5.i586.rpm 446310 5555462bfb6d4cc6c61601d452b1ed49 fetchmailconf-6.2.5-5.i586.rpm 26541 b1639fad4153a2b42c09ae42cc1a9876
References:
CVE [CAN-2005-2335] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2335
-------------------------------------------------------------------------- Revision History 18 Aug 2005 Initial release --------------------------------------------------------------------------
Copyright(C) 2005 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFDBDJpK0LzjOqIJMwRAj9FAJ4n8hoUR4UCOc8z8G/tA49Co2V6MwCgkQ+E KRLa2ILrfiskf8P2Uq2TYwY= =Yhjr -----END PGP SIGNATURE-----
|
|
|
|