Linux Today: Linux News On Internet Time.
SOT Linux Advisories: unzip, stunnel

Aug 15, 2003, 15:43

[ Thanks to SOT Linux Security Team for these advisories. ]


SOT Linux Security Advisory

Subject: Updated unzip package for SOT Linux 2003
Advisory ID: SLSA-2003:32
Date: Friday, August 15, 2003
Product: SOT Linux 2003

1. Problem description

The unzip utility is used for manipulating archives, which are multiple files stored inside of a single file.

A vulnerability in unzip version 5.50 and earlier allows attackers to overwrite arbitrary files during archive extraction by placing invalid (non-printable) characters between two "." characters. These non-printable characters are filtered out after the path check has run, leaving a ".." sequence in the name that is actually used. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2003-0282 to this issue.

This erratum includes a patch ensuring that non-printable characters do not make it possible for a malicious .zip file to write to parent directories unless the "-:" command line parameter is specified.
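The ordering defect described above, as an added example written for this page in Python rather than unzip's own C code: a sanitizer that tests for ".." before stripping non-printable characters is placed beside one that strips first and then tests the name it will really open. The printable set, the function names, the `allow_parent` switch (modelling the "-:" option) and the sample member names are assumptions made for the demonstration.

```python
# Added example, not code from unzip or SOT. Models the member-name
# handling order that CAN-2003-0282 describes, beside a hardened order.
import string

# Assumed printable set for the demo; unzip's real filter differs in detail.
PRINTABLE = frozenset(string.ascii_letters + string.digits +
                      string.punctuation + " ")


def strip_nonprintable(name):
    """Drop every character that is not in PRINTABLE."""
    return "".join(ch for ch in name if ch in PRINTABLE)


def has_parent_ref(name):
    """True if the path is absolute or any component is '..'."""
    return name.startswith("/") or ".." in name.split("/")


def vulnerable_sanitize(name):
    """Broken order: test the raw name for '..', then strip non-printables.
    A '..' that only appears after stripping is never seen by the test."""
    if has_parent_ref(name):
        raise ValueError("parent-directory reference: %r" % name)
    return strip_nonprintable(name)


def hardened_sanitize(name, allow_parent=False):
    """Fixed order: strip first, then test the name that will actually be
    opened. allow_parent models unzip's "-:" option, which opts back in."""
    cleaned = strip_nonprintable(name)
    if not allow_parent and has_parent_ref(cleaned):
        raise ValueError("parent-directory reference: %r" % cleaned)
    return cleaned


def outcome(sanitize, name, **kw):
    """Return the sanitized name, or None when the sanitizer rejects it."""
    try:
        return sanitize(name, **kw)
    except ValueError:
        return None


# Constructed sample member names (benign target file name).
SAMPLES = [
    "docs/readme.txt",        # ordinary entry
    "../escape.txt",          # plain traversal: both orders reject it
    ".\x01./escape.txt",      # non-printable between the dots: the advisory's case
]

if __name__ == "__main__":
    for name in SAMPLES:
        print("%-22r vulnerable=%-18r hardened=%r" % (
            name, outcome(vulnerable_sanitize, name),
            outcome(hardened_sanitize, name)))
```

The general rule the example illustrates is that any check on an archive member name must run on the final, canonical form of the name, after every transformation (character filtering, case folding, separator normalisation) that the extractor applies.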

Users of unzip are advised to upgrade to these updated packages, which are not vulnerable to this issue.

2. Updated packages

SOT Linux 2003 Desktop:

i386:
ftp://ftp.sot.com/updates/2003/Desktop/i386/unzip-5.50-2.i386.rpm

SRPMS:
ftp://ftp.sot.com/updates/2003/Desktop/SRPMS/unzip-5.50-2.src.rpm

SOT Linux 2003 Server:

i386:
ftp://ftp.sot.com/updates/2003/Server/i386/unzip-5.50-2.i386.rpm

SRPMS:
ftp://ftp.sot.com/updates/2003/Server/SRPMS/unzip-5.50-2.src.rpm

3. Upgrading package

Before applying this update, make sure all previously released errata relevant to your system have been applied.

Use up2date to automatically upgrade the fixed packages.

If you want to upgrade manually, download the updated package from the SOT Linux FTP site (use the links above) or from one of our mirrors. The list of mirrors can be obtained at www.sot.com/en/linux

Update the package with the following command: rpm -Uvh <filename>

4. Verification

All packages are PGP signed by SOT for security.

You can verify each package with the following command: rpm --checksig <filename>

If you wish to verify the integrity of the downloaded package, run "md5sum <filename>" and compare the output with data given below.

Package Name                          MD5 sum
/Desktop/i386/unzip-5.50-2.i386.rpm 914f127fdf500f5c6705975de7e133bf
/Desktop/SRPMS/unzip-5.50-2.src.rpm bd58909ecb7fb184e7ffe59d93afcaf2
/Server/i386/unzip-5.50-2.i386.rpm 914f127fdf500f5c6705975de7e133bf
/Server/SRPMS/unzip-5.50-2.src.rpm bd58909ecb7fb184e7ffe59d93afcaf2

5. References

http://marc.theaimsgroup.com/?l=bugtraq&m=105259038503175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0282

Copyright(c) 2001-2003 SOT


You can view other update advisories for SOT Linux 2003 at: http://www.sot.com/en/linux/sa/

SOT Linux Security Advisory

Subject: Updated stunnel package for SOT Linux 2003
Advisory ID: SLSA-2003:33
Date: Friday, August 15, 2003
Product: SOT Linux 2003

1. Problem description

Stunnel is an SSL wrapper able to act as an SSL client or server, enabling non-SSL aware applications and servers to utilize SSL encryption.

Dan Boneh and David Brumley have successfully implemented an RSA timing attack against OpenSSL-enabled SSL software, including Stunnel. Their writeup is available at http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html

If you use an RSA key for an SSL server, a determined cracker could eventually determine your key. This could be used to impersonate your server via a man-in-the-middle attack, or to decrypt all SSL connections between client and server that can be sniffed from the cracker's location.
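The countermeasure the stunnel patch referenced below applies is RSA blinding: the private-key exponentiation is performed on a value randomised by a factor the remote party never chose, so its running time no longer correlates with the ciphertext the attacker submitted. The following is an added example written for this page, not stunnel's or OpenSSL's code; the key is a constructed textbook-sized toy (p = 61, q = 53) and the function names are assumptions.

```python
# Added example, not code from stunnel or OpenSSL: RSA blinding as a
# countermeasure to the Boneh/Brumley timing attack.
import secrets
from math import gcd

# Constructed toy key (p = 61, q = 53). Demo only; far too small for use.
N = 3233
E = 17
D = 2753


def encrypt(m):
    """Public-key operation c = m^e mod n."""
    return pow(m, E, N)


def rsa_private_op(c):
    """Unblinded private-key operation m = c^d mod n. Its running time
    depends on c, the value the remote party chose; that dependence is
    what the timing attack measures."""
    return pow(c, D, N)


def rsa_private_op_blinded(c, r=None):
    """Same result, computed on r^e * c instead of c.

    r is a fresh random factor invertible mod n (an explicit r is only
    for reproducible tests). The exponentiation's input is now random
    from the attacker's point of view, so its timing leaks nothing
    about c; the result is unblinded by multiplying with r^-1.
    """
    if r is None:
        while True:
            r = secrets.randbelow(N - 2) + 2      # 2 <= r < n
            if gcd(r, N) == 1:
                break
    elif not (1 < r < N) or gcd(r, N) != 1:
        raise ValueError("blinding factor must be invertible mod n")
    blinded = (c * pow(r, E, N)) % N              # (r^e * c) mod n
    m_blinded = pow(blinded, D, N)                # r * c^d mod n
    return (m_blinded * pow(r, -1, N)) % N        # c^d mod n


if __name__ == "__main__":
    m = 65
    c = encrypt(m)
    print("ciphertext:", c)
    print("plain decrypt:  ", rsa_private_op(c))
    print("blinded decrypt:", rsa_private_op_blinded(c))
```

Blinding works because (r^e * c)^d = r^(ed) * c^d = r * c^d (mod n), so one multiplication by r^-1 recovers c^d exactly; the cost is two extra modular multiplications and one inversion per private-key operation, which is why it is cheap enough to leave enabled permanently.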

All users are urged to upgrade to these errata packages.

NOTE: After upgrading, any instances of stunnel configured to run in daemon mode should be restarted, and any active network connections that are currently being serviced by stunnel should be terminated and reestablished.

2. Updated packages

SOT Linux 2003 Desktop:

i386:
ftp://ftp.sot.com/updates/2003/Desktop/i386/stunnel-4.04-5.i386.rpm

SRPMS:
ftp://ftp.sot.com/updates/2003/Desktop/SRPMS/stunnel-4.04-5.src.rpm

SOT Linux 2003 Server:

i386:
ftp://ftp.sot.com/updates/2003/Server/i386/stunnel-4.04-5.i386.rpm

SRPMS:
ftp://ftp.sot.com/updates/2003/Server/SRPMS/stunnel-4.04-5.src.rpm

3. Upgrading package

Before applying this update, make sure all previously released errata relevant to your system have been applied.

Use up2date to automatically upgrade the fixed packages.

If you want to upgrade manually, download the updated package from the SOT Linux FTP site (use the links above) or from one of our mirrors. The list of mirrors can be obtained at www.sot.com/en/linux

Update the package with the following command: rpm -Uvh <filename>

4. Verification

All packages are PGP signed by SOT for security.

You can verify each package with the following command: rpm --checksig <filename>

If you wish to verify the integrity of the downloaded package, run "md5sum <filename>" and compare the output with data given below.

Package Name                            MD5 sum
/Desktop/i386/stunnel-4.04-5.i386.rpm 6cab14f375ea2e03ae0a50c8c3e5fd3e
/Desktop/SRPMS/stunnel-4.04-5.src.rpm 737b6b5a6eddd9b3cd8a30b597d3507a
/Server/i386/stunnel-4.04-5.i386.rpm 6cab14f375ea2e03ae0a50c8c3e5fd3e
/Server/SRPMS/stunnel-4.04-5.src.rpm 737b6b5a6eddd9b3cd8a30b597d3507a

5. References

http://www.stunnel.org/patches/desc/blinding-4.x_bri.html
