[Full-Disclosure] [OpenPKG-SA-2004.011] OpenPKG Security Advisory (sharutils)

From: OpenPKG (openpkg_at_openpkg.org)
Date: 04/07/04

  • Next message: n30: "[Full-Disclosure] ROSI"
    To: full-disclosure@lists.netsys.com
    Date: Wed, 7 Apr 2004 22:24:13 +0200
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    ________________________________________________________________________

    OpenPKG Security Advisory The OpenPKG Project
    http://www.openpkg.org/security.html http://www.openpkg.org
    openpkg-security@openpkg.org openpkg@openpkg.org
    OpenPKG-SA-2004.011 07-Apr-2004
    ________________________________________________________________________

    Package: sharutils
    Vulnerability: arbitrary code execution
    OpenPKG Specific: no

    Affected Releases: Affected Packages: Corrected Packages:
    OpenPKG CURRENT <= sharutils-4.2.1-20011201 >= sharutils-4.2.1-20040407
    OpenPKG 2.0 <= sharutils-4.2.1-2.0.0 >= sharutils-4.2.1-2.0.1
    OpenPKG 1.3 <= sharutils-4.2.1-1.3.0 >= sharutils-4.2.1-1.3.1

    Dependent Packages: none

    Description:
      According to a posting on Bugtraq [1], Shaun Colley discovered and
      researched a stack-based buffer overflow vulnerability which exists in
      the GNU Sharutils [2] due to lack of bounds checking when handling the
      '-o' command-line option.

      Please check whether you are affected by running "<prefix>/bin/rpm
      -q sharutils". If you have the "sharutils" package installed and its
      version is affected (see above), we recommend that you immediately
      upgrade it (see Solution). [3][4]

    Solution:
      Select the updated source RPM appropriate for your OpenPKG release
      [5][6], fetch it from the OpenPKG FTP service [7][8] or a mirror
      location, verify its integrity [9], build a corresponding binary RPM
      from it [3] and update your OpenPKG installation by applying the
      binary RPM [4]. For the most recent release OpenPKG 2.0, perform the
      following operations to permanently fix the security problem (for
      other releases adjust accordingly).

      $ ftp ftp.openpkg.org
      ftp> bin
      ftp> cd release/2.0/UPD
      ftp> get sharutils-4.2.1-2.0.1.src.rpm
      ftp> bye
      $ <prefix>/bin/openpkg rpm -v --checksig sharutils-4.2.1-2.0.1.src.rpm
      $ <prefix>/bin/openpkg rpm --rebuild sharutils-4.2.1-2.0.1.src.rpm
      $ su -
      # <prefix>/bin/openpkg rpm -Fvh <prefix>/RPM/PKG/sharutils-4.2.1-2.0.1.*.rpm
    ________________________________________________________________________

    References:
      [1] http://www.securityfocus.com/archive/1/359639
      [2] http://www.gnu.org/software/sharutils/
      [3] http://www.openpkg.org/tutorial.html#regular-source
      [4] http://www.openpkg.org/tutorial.html#regular-binary
      [5] ftp://ftp.openpkg.org/release/1.3/UPD/sharutils-4.2.1-1.3.1.src.rpm
      [6] ftp://ftp.openpkg.org/release/2.0/UPD/sharutils-4.2.1-2.0.1.src.rpm
      [7] ftp://ftp.openpkg.org/release/1.3/UPD/
      [8] ftp://ftp.openpkg.org/release/2.0/UPD/
      [9] http://www.openpkg.org/security.html#signature
    ________________________________________________________________________

    For security reasons, this advisory was digitally signed with the
    OpenPGP public key "OpenPKG <openpkg@openpkg.org>" (ID 63C4CB9F) of the
    OpenPKG project which you can retrieve from http://pgp.openpkg.org and
    hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org/
    for details on how to verify the integrity of this advisory.
    ________________________________________________________________________

    -----BEGIN PGP SIGNATURE-----
    Comment: OpenPKG <openpkg@openpkg.org>

    iD8DBQFAdGMzgHWT4GPEy58RAsZuAKDSh3FdkQsjfqT4nUsd1Vv13S3usQCguVO8
    XXHwppXg6f1oPAs2ewAqB9k=
    =c2IQ
    -----END PGP SIGNATURE-----

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: n30: "[Full-Disclosure] ROSI"

    Relevant Pages

    • [OpenPKG-SA-2003.043] OpenPKG Security Advisory (proftpd)
      ... According to an ISS X-Force security advisory, a vulnerability ... when transferring files from the FTP server in ASCII mode. ... and a buffer overflow can manifest if ProFTPD parses a specially ... Select the updated source RPM appropriate for your OpenPKG release ...
      (Bugtraq)
    • [Full-Disclosure] [OpenPKG-SA-2003.043] OpenPKG Security Advisory (proftpd)
      ... According to an ISS X-Force security advisory, a vulnerability ... when transferring files from the FTP server in ASCII mode. ... and a buffer overflow can manifest if ProFTPD parses a specially ... Select the updated source RPM appropriate for your OpenPKG release ...
      (Full-Disclosure)
    • [Full-Disclosure] [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail)
      ... According to a confirmed security advisory from Michal Zalewski ... a remotely exploitable vulnerability exists in all versions ... Select the updated source RPM appropriate for your OpenPKG release ... $ ftp ftp.openpkg.org ...
      (Full-Disclosure)
    • [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail)
      ... According to a confirmed security advisory from Michal Zalewski ... a remotely exploitable vulnerability exists in all versions ... Select the updated source RPM appropriate for your OpenPKG release ... $ ftp ftp.openpkg.org ...
      (Bugtraq)
    • [OpenPKG-SA-2005.023] OpenPKG Security Advisory (openvpn)
      ... vulnerability exists in the OpenVPN network security application. ... another DoS situation can occur if OpenVPN in TCP server ... Select the updated source RPM appropriate for your OpenPKG release ... $ ftp ftp.openpkg.org ...
      (Bugtraq)