dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


Debian GNU/Linux Advisories: exim exim-tls, wu-ftpd

Sep 05, 2003, 02:29 (1 Talkback[s])

Debian Security Advisory DSA 376-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
September 4th, 2003 http://www.debian.org/security/faq

Package : exim exim-tls
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific : no
CVE Ids : CAN-2003-0743

A buffer overflow exists in exim, which is the standard mail transport agent in Debian. By supplying a specially crafted HELO or EHLO command, an attacker could cause a constant string to be written past the end of a buffer allocated on the heap. This vulnerability is not believed at this time to be exploitable to execute arbitrary code.

For the stable distribution (woody) this problem has been fixed in exim version 3.35-1woody1 and exim-tls version 3.35-3woody1.

For the unstable distribution (sid) this problem has been fixed in exim version 3.36-8. The unstable distribution does not contain an exim-tls package.

We recommend that you update your exim or exim-tls package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1.dsc
Size/MD5 checksum: 661 34a7faf2980c66aab318512a36a2c656
http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1.diff.gz
Size/MD5 checksum: 79296 0839fd89bd648ee5828e55afe6ce3628
http://security.debian.org/pool/updates/main/e/exim/exim_3.35.orig.tar.gz
Size/MD5 checksum: 1271057 42d362e40a21bd7ffc298f92c8bd986a
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1.dsc
Size/MD5 checksum: 677 efc414eda2eaf3b739c0ff1d0ce1ce08
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1.diff.gz
Size/MD5 checksum: 79663 3b0ffcb9a0c4662ba908f622e6bc6923
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35.orig.tar.gz
Size/MD5 checksum: 1271057 42d362e40a21bd7ffc298f92c8bd986a

Alpha architecture:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1_alpha.deb
Size/MD5 checksum: 872528 0c6303e4ab06e4aef0b65e8be9dd6dea
http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody1_alpha.deb
Size/MD5 checksum: 52316 ebc1ae6e92ebd810a4ffd3f7369995f9
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1_alpha.deb
Size/MD5 checksum: 873212 19bba89ff92748d38fc68a667474ed35

ARM architecture:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1_arm.deb
Size/MD5 checksum: 785544 2bd24816a3290cdaa2bdcd52893f738c
http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody1_arm.deb
Size/MD5 checksum: 43522 d368467b3e01b7525b06d810ddee91de
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1_arm.deb
Size/MD5 checksum: 783822 4a14319839d9f01dd2be37e047fd6d66

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1_i386.deb
Size/MD5 checksum: 758810 d562e8c0093c8fd1eac2a4b6756b2c74
http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody1_i386.deb
Size/MD5 checksum: 39204 eb5b733cbab82e3613368b117c7ccba8
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1_i386.deb
Size/MD5 checksum: 759152 ad293a317eb4ee7bccffff05a425156e

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1_ia64.deb
Size/MD5 checksum: 972460 490ba5d8e041b14de7bab91d25cd8e84
http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody1_ia64.deb
Size/MD5 checksum: 65172 151a1cac77506fe862a1d7bd6e800ef4
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1_ia64.deb
Size/MD5 checksum: 973764 ee164461e235691d1ebbd5499535bb23

HP Precision architecture:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1_hppa.deb
Size/MD5 checksum: 814904 e6865edc611c89d9846aabb61fd0a8f6
http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody1_hppa.deb
Size/MD5 checksum: 48278 d0a74247177785fc79511b03e855c247
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1_hppa.deb
Size/MD5 checksum: 813986 5b98643ddca3a563c0f35702533abec7

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1_m68k.deb
Size/MD5 checksum: 737612 cdc5648c0a2f0785d9a31f8bed6225cc
http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody1_m68k.deb
Size/MD5 checksum: 37762 138c8847fc4586c4fbabe0358427b752
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1_m68k.deb
Size/MD5 checksum: 736502 387d9a32b505ec7f3e8cedad5390095a

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1_mips.deb
Size/MD5 checksum: 824132 16515eef87fbea27dd0269bbfd82b804
http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody1_mips.deb
Size/MD5 checksum: 48868 b54faf31be830fc6d88ca91fd92aec15
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1_mips.deb
Size/MD5 checksum: 824072 068d46cc7be1f70e369795eed39a5e2c

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1_mipsel.deb
Size/MD5 checksum: 824350 1e4beb825601c1d6034ed1236a1ddae0
http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody1_mipsel.deb
Size/MD5 checksum: 48770 ae84a1825f88b5e12ed94a4050bac66c
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1_mipsel.deb
Size/MD5 checksum: 824764 dc94f41f414b487a5fb242abf1691c71

PowerPC architecture:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1_powerpc.deb
Size/MD5 checksum: 793734 8751038ff5bc501e701568180cf918df
http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody1_powerpc.deb
Size/MD5 checksum: 44782 a295cd17f3d6f97d5f41a149c4aafe76
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1_powerpc.deb
Size/MD5 checksum: 792296 a8e7e8d5c05ad550d02ebed47ec98ee8

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1_s390.deb
Size/MD5 checksum: 779618 0f914e0637333149eac25dfb72e1626a
http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody1_s390.deb
Size/MD5 checksum: 43928 f88d92626105590087361b2d8042c3f7
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1_s390.deb
Size/MD5 checksum: 778952 a1f2ada573819be4637929c3763a6193

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody1_sparc.deb
Size/MD5 checksum: 784920 0309da1ad933034ebcec4c44e6bad64a
http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody1_sparc.deb
Size/MD5 checksum: 42440 d26369a10e324da946baa8d17f401c1c
http://security.debian.org/pool/updates/main/e/exim-tls/exim-tls_3.35-3woody1_sparc.deb
Size/MD5 checksum: 782482 4ae58125f8e4daea23660df37e867c14

These files will probably be moved into the stable distribution on its next revision.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Debian Security Advisory DSA 377-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
September 4th, 2003 http://www.debian.org/security/faq

Package : wu-ftpd
Vulnerability : insecure program execution
Problem-Type : remote
Debian-specific : no
CVE Ids : CVE-1999-0997

wu-ftpd, an FTP server, implements a feature whereby multiple files can be fetched in the form of a dynamically constructed archive file, such as a tar archive. The names of the files to be included are passed as command line arguments to tar, without protection against them being interpreted as command-line options. GNU tar supports several command line options which can be abused, by means of this vulnerability, to execute arbitrary programs with the privileges of the wu-ftpd process.

Georgi Guninski pointed out that this vulnerability exists in Debian woody.

For the stable distribution (woody) this problem has been fixed in version 2.6.2-3woody2.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you update your wu-ftpd package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2.dsc
Size/MD5 checksum: 607 b557af23920403ce4be64670a873a1dd
http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2.diff.gz
Size/MD5 checksum: 100389 c2e481768ed3a0d97a110bc3cd4aefa2
http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2.orig.tar.gz
Size/MD5 checksum: 354784 b3c271f02aadf663b8811d1bff9da3f6

Architecture independent components:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd-academ_2.6.2-3woody2_all.deb
Size/MD5 checksum: 3474 ae0a727f52cf8f1488222ce2b414a29a

Alpha architecture:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_alpha.deb
Size/MD5 checksum: 291710 d9725bc2a271f151fc42605edd6394c6

ARM architecture:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_arm.deb
Size/MD5 checksum: 265366 d435ee1977a93705462528b23b8c9550

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_i386.deb
Size/MD5 checksum: 257060 ed807ebe3275f76a13eed4fbb2d8a7fa

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_ia64.deb
Size/MD5 checksum: 321256 beaa9b061436052fddf3f47e2932360a

HP Precision architecture:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_hppa.deb
Size/MD5 checksum: 275896 c1bea3e7f0cdbab6c7240d5b08b4b9d1

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_m68k.deb
Size/MD5 checksum: 249368 32f06b3bbe19265f749670950691c7ff

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_mips.deb
Size/MD5 checksum: 272978 1ec11e5a9b53925b02fb7cfbbc3df56b

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_mipsel.deb
Size/MD5 checksum: 273058 37140e512eaa62cfa0b99b9983e89b6f

PowerPC architecture:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_powerpc.deb
Size/MD5 checksum: 268354 4da902291bc8bb6c5c652dfd9f7ba729

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_s390.deb
Size/MD5 checksum: 263100 a89f0be201d65cff953bc496a6391af4

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_sparc.deb
Size/MD5 checksum: 270448 088bb0a66ee5b74ec59baff506a2be2a

These files will probably be moved into the stable distribution on its next revision.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>;