Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Caldera Linux Advisory: imapd

May 15, 2002, 23:16 (1 Talkback[s])
____________________________________________________________________________

                Caldera International, Inc.  Security Advisory

Subject:                Linux: imapd buffer overflow when fetching partial mailbox attributes
Advisory number:        CSSA-2002-021.0
Issue date:             2002 May 15
Cross reference:
____________________________________________________________________________


1. Problem Description

        A malicious user may construct a malformed request that will
        cause a buffer overflow, allowing the user to run code on the
        server with the uid and gid of the e-mail owner.


2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------

        OpenLinux 3.1.1 Server          prior to imap-2000-14.i386.rpm
                                        prior to imap-devel-2000-14.i386.rpm

        OpenLinux 3.1.1 Workstation     prior to imap-2000-14.i386.rpm
                                        prior to imap-devel-2000-14.i386.rpm

        OpenLinux 3.1 Server            prior to imap-2000-14.i386.rpm
                                        prior to imap-devel-2000-14.i386.rpm

        OpenLinux 3.1 Workstation       prior to imap-2000-14.i386.rpm
                                        prior to imap-devel-2000-14.i386.rpm


3. Solution


        The proper solution is to install the latest packages.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS

        4.2 Packages

        3d4c39ed407a122f963f9f508f908c92        imap-2000-14.i386.rpm
        5c49edd5001471188ed6da5a20413f42        imap-devel-2000-14.i386.rpm

        4.3 Installation

        rpm -Fvh imap-2000-14.i386.rpm
        rpm -Fvh imap-devel-2000-14.i386.rpm

        4.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS

        4.5 Source Packages

        7aca0b5e4236dac8b9bbce8879d84bd8        imap-2000-14.src.rpm


5. OpenLinux 3.1.1 Workstation

        5.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS

        5.2 Packages

        d38decbc4fd541389f150a801dbd6024        imap-2000-14.i386.rpm
        4833a72e3afde52d6f88fefdf2ac6fb4        imap-devel-2000-14.i386.rpm

        5.3 Installation

        rpm -Fvh imap-2000-14.i386.rpm
        rpm -Fvh imap-devel-2000-14.i386.rpm

        5.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS

        5.5 Source Packages

        0dc9c6f44c0a233ff31efc296159a812        imap-2000-14.src.rpm


6. OpenLinux 3.1 Server

        6.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS

        6.2 Packages

        cbe5748e7adea78a897b2b530a4f6885        imap-2000-14.i386.rpm
        763992a12de3ac0bdf53ea03c92b0c79        imap-devel-2000-14.i386.rpm

        6.3 Installation

        rpm -Fvh imap-2000-14.i386.rpm
        rpm -Fvh imap-devel-2000-14.i386.rpm

        6.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS

        6.5 Source Packages

        decd197cfdce836c921560097573e9b3        imap-2000-14.src.rpm


7. OpenLinux 3.1 Workstation

        7.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS

        7.2 Packages

        863d0908cf6a00488bd705bfe16e4d4c        imap-2000-14.i386.rpm
        a2db300f0a06d9be119c39a40fb4f368        imap-devel-2000-14.i386.rpm

        7.3 Installation

        rpm -Fvh imap-2000-14.i386.rpm
        rpm -Fvh imap-devel-2000-14.i386.rpm

        7.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS

        7.5 Source Packages

        2ea45d3516faaaae52a2f8053deaf30c        imap-2000-14.src.rpm


8. References

        Specific references for this advisory:
                none


        Caldera OpenLinux security resources:
                http://www.caldera.com/support/security/index.html

        Caldera UNIX security resources:
                http://stage.caldera.com/support/security/

        This security fix closes Caldera incidents sr864139, fz520938
        and erg712042.


9. Disclaimer

        Caldera International, Inc. is not responsible for the misuse
        of any of the information we provide on this website and/or
        through our security advisories. Our advisories are a service
        to our customers intended to promote secure installation and
        use of Caldera products.


10. Acknowledgements

        Marcell Fodor (m.fodor@mail.datanet.hu) discovered and reported
        this vulnerability.

____________________________________________________________________________