Linux Today: Linux News On Internet Time.


Advisories: August 25, 2005

Aug 26, 2005, 04:45

Astaro Security Linux

Astaro Security Linux 6.0 - HTTP CONNECT Access Localhost Weakness


Astaro Security Linux 6.0 is a network security solution, including a combination of the following security applications:

  • Stateful inspection firewall with application proxies
  • VPN
  • AV
  • IDS
  • AntiSpam
  • ContentFilter


A proxy is running on port 8080/TCP, accepting HTTP CONNECT requests destined for localhost. Therefore it is, for example, possible to connect to the installed HTTPd running on localhost. Other scenarios, like connecting to the SSH admin port, are possible, depending on the configuration of the allowed destination ports for the CONNECT method.


No exploit required. Simply netcat to the proxy port and enter the following command:

CONNECT localhost:80 HTTP/1.0


In addition I found some other interesting issues, which can be security relevant depending on the usage of the product:

1) Sending an invalid, unauthenticated request ("CONNECT localhost 21 HTTP/1.0") to the proxy port delivers the following information:

"Proxy-authorization: Basic LTpwcHBwCg=="

as part of the proxy response.

The string can also be found hardcoded in the binary "/var/storage/chroot-http/usr/bin/hyperdyper".

These login credentials are used internally by the Content Filter Framework.

2) Astaro can be configured using Webmin. Due to a directory traversal vulnerability it is possible for authenticated Webmin users to access files on the filesystem which are not accessible via the Webmin GUI and should only be accessible to console users:

/index.fpl?SID=1497553306006&id=0555&frameset=active&wfe_download=/../../etc/passwd&fname=MeinePasswd&mime_type=application%2foctet%2dstream HTTP/1.1

3) If an administrator is logged in via Webmin and another administrator logs in, the new admin can disconnect/kick the currently logged-in one. It is thereby possible to supply a message that will be automatically displayed in the kicked admin's browser. However, supplying script code instead of a message leads to automatic execution of that code in the kicked admin's browser.

So, not really risky, but it shows missing input filtering.

It's up to the reader to decide on the risk level of 1-3. I just sent this information for completeness.


The vulnerable version of the product is


Upgrade to version
The upgrade is available on the vendor's website.


Astaro responded very fast and was very cooperative. Fixes were delivered within a day after being informed.


oliver karow
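The CONNECT-to-localhost weakness and the download-path traversal in issue 2 have the same root cause: a user-supplied destination (a CONNECT target, a file name) is used without being canonicalised and checked against a policy. The following is an added example, not code from the advisory or from Astaro, showing the two checks a defender would put into the proxy and into the download handler. The port allow-list, the blocked address ranges, the stub resolver with its constructed DNS entries and the base directory are all assumptions for illustration.

```python
"""Added example: destination checks for an HTTP CONNECT proxy and a
file-download handler (not the product's code; all policy values assumed)."""
import ipaddress
import os
import re
from typing import Callable, Iterable, List, Optional

# Request line as it arrives at the proxy, e.g. "CONNECT localhost:80 HTTP/1.0".
# Host is either a bracketed IPv6 literal or a name/IPv4 literal; port is required.
CONNECT_RE = re.compile(
    r"^CONNECT\s+(?P<host>\[[^\]]+\]|[^\s:\[\]]+):(?P<port>\d{1,5})\s+HTTP/1\.[01]$"
)

# Hypothetical policy: only the usual TLS port may be tunnelled.
ALLOWED_CONNECT_PORTS = frozenset({443})

# Address ranges a forward proxy must never tunnel to (illustrative list;
# a deployment should also add the box's own interface addresses).
BLOCKED_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "0.0.0.0/8", "::1/128", "::/128", "fe80::/10", "fc00::/7",
)]

Resolver = Callable[[str], Iterable[str]]


def _is_internal(addr: str) -> bool:
    """True when addr falls into a blocked range; IPv4-mapped IPv6 is unwrapped
    first so "::ffff:127.0.0.1" is treated as 127.0.0.1."""
    ip = ipaddress.ip_address(addr)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in BLOCKED_NETS)


def check_connect(request_line: str, resolve: Resolver) -> Optional[str]:
    """Return None when the CONNECT may be tunnelled, else the refusal reason.

    The resolver is injected so the policy is applied to every address the
    hostname resolves to; a name such as 'localhost' must not bypass the check.
    """
    m = CONNECT_RE.match(request_line.strip())
    if not m:
        return "malformed CONNECT request"
    host = m.group("host").strip("[]")
    port = int(m.group("port"))
    if port not in ALLOWED_CONNECT_PORTS:
        return f"port {port} not allowed for CONNECT"
    try:
        addrs = list(resolve(host))
    except OSError:
        return f"cannot resolve {host}"
    if not addrs:
        return f"cannot resolve {host}"
    for a in addrs:
        try:
            if _is_internal(a):
                return f"{host} resolves to internal address {a}"
        except ValueError:
            return f"resolver returned non-address {a!r} for {host}"
    return None


def safe_download_path(base_dir: str, requested: str) -> Optional[str]:
    """Map a user-supplied download name onto a canonical path under base_dir.

    Returns None when the canonical path escapes base_dir (the "/../../etc/passwd"
    pattern from issue 2), so the caller serves nothing.
    """
    root = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(root, requested.lstrip("/")))
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


# Constructed stand-in for DNS so the example runs offline (assumed entries).
FAKE_DNS = {
    "localhost": ["127.0.0.1", "::1"],
    "www.example.com": ["203.0.113.10"],
    "intranet.example.com": ["10.0.0.5"],
}


def fake_resolve(host: str) -> List[str]:
    """Resolve literals to themselves and names via FAKE_DNS; OSError if unknown."""
    try:
        ipaddress.ip_address(host)
        return [host]
    except ValueError:
        pass
    if host not in FAKE_DNS:
        raise OSError("NXDOMAIN")
    return FAKE_DNS[host]


if __name__ == "__main__":
    for line in ("CONNECT localhost:80 HTTP/1.0", "CONNECT localhost:443 HTTP/1.0",
                 "CONNECT www.example.com:443 HTTP/1.0", "CONNECT localhost 21 HTTP/1.0"):
        print(f"{line!r}: {check_connect(line, fake_resolve) or 'allowed'}")
    print(safe_download_path("/srv/downloads", "/../../etc/passwd"))
```

The proxy check applies the policy after resolution rather than to the hostname string, which is why 'localhost', '127.0.0.1' and the IPv4-mapped form all end up refused; the download check relies on realpath plus a common-prefix test instead of trying to strip ".." sequences out of the input.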

Debian GNU/Linux

Debian Security Advisory DSA 784-1 Martin Schulze
August 25th, 2005

Package : courier
Vulnerability : programming error
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-2151
Debian Bug : 320290

A problem has been discovered in the Courier Mail Server. DNS failures were not handled properly when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption. The default configuration on Debian has SPF checking disabled, so most machines are not vulnerable. This is explained in the "courier" manpage, section SENDER POLICY FRAMEWORK KEYWORDS.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in version 0.47-4sarge1.

For the unstable distribution (sid) this problem has been fixed in version 0.47-6.

We recommend that you upgrade your courier-mta package.

Upgrade Instructions

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:
      Size/MD5 checksum: 1216 f66af88f70ac1c057617ce67b2e23fe8
      Size/MD5 checksum: 92865 444bd593fcac1056ef4c36c0859b88f6
      Size/MD5 checksum: 6350808 361a84e497148ce557c150d3576ec24b

Architecture independent components:
      Size/MD5 checksum: 370366 60a4176d1d4b0670b7aff9997336d1ee

Alpha architecture:
      Size/MD5 checksum: 71398 d282a01d18ff370558d4367299783288
      Size/MD5 checksum: 65106 7295abd0f17b14ecc1a11163c97f120f
      Size/MD5 checksum: 65386 5133e33acb847b44c834c8070271cb8c
      Size/MD5 checksum: 293228 648ead6a63a17d98580845b7ee106305
      Size/MD5 checksum: 28712 efe49864ceda2590d54e26a48480cb1e
      Size/MD5 checksum: 1001448 7d45af75950cb25892fdbb52bb077d46
      Size/MD5 checksum: 21084 03dd9e04ff3f296322841f6e93be6c62
      Size/MD5 checksum: 84148 b3a49e76496e31a27822f1d230e00f73
      Size/MD5 checksum: 979266 91120fcfd586e5d8f41e836284149356
      Size/MD5 checksum: 141600 9c2d6f482da591e180f714ac3d926ef8
      Size/MD5 checksum: 2317502 6baf4dd23aa18288d7ca36f9640305ca
      Size/MD5 checksum: 19110 adcaa94c069e9936962759369b38ff89
      Size/MD5 checksum: 77924 2927ced16e3dece515edf23b2158ebfc
      Size/MD5 checksum: 431542 7a91cf4fe1d9561a90d0b96eb5807c7c
      Size/MD5 checksum: 20878 2aa83549d683a077e939f7e19b02b210
      Size/MD5 checksum: 202616 ffaaca19e1915b338eaf266f0f70699c
      Size/MD5 checksum: 34976 e7a456064fda5640f0ba94f5abd6001c
      Size/MD5 checksum: 876356 4fd78abaf31dfe48957d70bb32839546

AMD64 architecture:
      Size/MD5 checksum: 62036 7669c17a240b587bbd0ee1f911161bef
      Size/MD5 checksum: 56770 eecaf2a7bc407e8f9f984ce42811caea
      Size/MD5 checksum: 56972 499ce6c3fd20d7f9e86f89e67bcdc9a3
      Size/MD5 checksum: 256356 533359fe6c0c8b838f6ff614e9e44af5
      Size/MD5 checksum: 28724 4fb2fbc413e4b7108bf2aa1f79c6f0be
      Size/MD5 checksum: 950598 0a450fa324b6cb0c7b07381749706d20
      Size/MD5 checksum: 21078 6755959a7d5739330d26653ee690ad46
      Size/MD5 checksum: 73818 e72579e2caf80271e3258dc20a7de80c
      Size/MD5 checksum: 942882 5338cee460524eea60d5dc6bf65029bf
      Size/MD5 checksum: 122502 578cb1d29e82bdadba5af99279fdb3c7
      Size/MD5 checksum: 2157572 ad8d1c0498f54b7ad68602e8caeb80bf
      Size/MD5 checksum: 19114 41e3f3540c02cb7b1853e4d26741e196
      Size/MD5 checksum: 66330 f6d40bb12ad91546eb28aeab83aafedc
      Size/MD5 checksum: 423028 aa26a0761ef17c937427c59752b5307a
      Size/MD5 checksum: 20890 b3bcbe6a4b6249c002252cf28c58036c
      Size/MD5 checksum: 195762 dccf326c5b4c91d1c4dcdb4f2c92afd5
      Size/MD5 checksum: 34692 ade09288e2fc366dc32d204c7c7b542a
      Size/MD5 checksum: 798562 f018ede17c890a1d759a79f665cc2aaa

ARM architecture:
      Size/MD5 checksum: 56414 a1bb5a8dd3ffae236a98056531446f55
      Size/MD5 checksum: 51980 474c4ab0cb6401c87a33a8016cfbb826
      Size/MD5 checksum: 52100 cf7575eae3b0d1ae36ecfe4bd75e57c4
      Size/MD5 checksum: 232296 37e450f75ce60ef59c1cb17a4a569277
      Size/MD5 checksum: 28742 de2059584d50e4c0da809237a29f692c
      Size/MD5 checksum: 923846 2cc14a67890a6aa3a279dcb02f9d38b1
      Size/MD5 checksum: 21108 c14ca2b526667a6c414173fcec73ce4d
      Size/MD5 checksum: 67372 aabda4c37397e3d333b355d99b720b4c
      Size/MD5 checksum: 920768 5821edab5e21da526ff32ca03307b3fc
      Size/MD5 checksum: 157494 31604d2024792500627d0af4564b0e41
      Size/MD5 checksum: 2051964 abf57000e73d80ad985df60281ff3880
      Size/MD5 checksum: 19140 51d5111b47c38a9788c0fed407362513
      Size/MD5 checksum: 59672 b5cc54537c476b335993b12a90cd8871
      Size/MD5 checksum: 414584 e3a2f6f32be732de9507e234a41d3742
      Size/MD5 checksum: 20904 24f2b69b0dfc523b94ff02a73ba72aac
      Size/MD5 checksum: 191784 e6cc949ef79f7848f1d7cf2d5d810329
      Size/MD5 checksum: 34528 2e31e5d3ceb5afea34666ad9bf126464
      Size/MD5 checksum: 763720 4dba6df4bd5de423e44a6b11b8efe11b

Intel IA-32 architecture:
      Size/MD5 checksum: 57376 71072f9b06dd3581a02b202cb438015a
      Size/MD5 checksum: 52970 5badb9da85f753e7234a7f32a03a318c
      Size/MD5 checksum: 53106 61bffb55d63e94d013161fb2980c34f3
      Size/MD5 checksum: 238552 76e36edcb3296536c223a4759c769a11
      Size/MD5 checksum: 28714 b7f8af10a2d5c90117a53de3aa13abf5
      Size/MD5 checksum: 931886 a06720f10bca796a0b2c53abb1fe2299
      Size/MD5 checksum: 21080 b7917cbe03ddf2fde9330ce51b20ca95
      Size/MD5 checksum: 68814 c20736eda2cc5feaf4529e60c85ba8db
      Size/MD5 checksum: 922836 f02f5ab1c21c53d486a7fedec85feacf
      Size/MD5 checksum: 122712 bfc88d3568fc4e3389df7db43e69bf60
      Size/MD5 checksum: 2075584 e261e933e48e8cff16dda29756faa62b
      Size/MD5 checksum: 19102 1c03a2305ab03092b16f0b4084dfa854
      Size/MD5 checksum: 61628 aca31a8edef30abbd98b2780381892bf
      Size/MD5 checksum: 416494 2f1df669666f00b8ff6ef754acded005
      Size/MD5 checksum: 20866 073372495263b1c3688d99c0c5d25867
      Size/MD5 checksum: 193534 bd822e9eff05de17bb7198ec42401c63
      Size/MD5 checksum: 34498 c349f0e9f180d19105f2291e1fee8797
      Size/MD5 checksum: 774558 77fa3d9947ff7c2785514007f5178657

Intel IA-64 architecture:
      Size/MD5 checksum: 78200 34c63dc773b4c75ebd00f7cf28c80050
      Size/MD5 checksum: 72136 89888d8da775ba50ebc5c9e0e84120de
      Size/MD5 checksum: 72220 c684897bed01181a59a37fca9dcfd55e
      Size/MD5 checksum: 325480 67ce0edf1aa33613eac354101021afa9
      Size/MD5 checksum: 28706 be528d197ce69a2c984ff794e18dc2dd
      Size/MD5 checksum: 1048412 344b8b9dc5a495d82b37dfa13ec510cb
      Size/MD5 checksum: 21076 348f5a1bac81db8c085a296f5cdf946d
      Size/MD5 checksum: 93966 49fd13c1853d0d8b17f8b4e13e494be7
      Size/MD5 checksum: 1027844 5613bae5868a2cb98a4967c42b5d6816
      Size/MD5 checksum: 166766 1c697756e080d0955a804c99f5ddcf63
      Size/MD5 checksum: 2439930 10465cfa31beb366bb7e6f93a68c5e8f
      Size/MD5 checksum: 19108 f7ffedd7ad2e8059c6ba53c634f05ff9
      Size/MD5 checksum: 92740 f403536583ce9212e90d15941b2ca263
      Size/MD5 checksum: 444144 b819e4dd4ac550a29b49b3fa42eecb70
      Size/MD5 checksum: 20880 aad42ff2b08aa06b82cbde1fed3e9d32
      Size/MD5 checksum: 208622 e9dc023840cad25ab7537195909ec6a6
      Size/MD5 checksum: 35450 71b969257f32b3793c485f59efc88bf2
      Size/MD5 checksum: 949414 9f93ad71572eff4029c50f38a71c34c6

HP Precision architecture:
      Size/MD5 checksum: 63994 066747f7a438236c72d8966a745a5e4a
      Size/MD5 checksum: 59252 9e9ba6afead5141c5ce97c9265c6f527
      Size/MD5 checksum: 59428 0443c17cb08b07a349fd2c9ed2e2c756
      Size/MD5 checksum: 258248 5f247c9ce55bd38ff1f98915748172e2
      Size/MD5 checksum: 28716 f2daa5648a0cd0d01d4a7fc5bddae8de
      Size/MD5 checksum: 1083056 d1b1251723bc7492416fd3084db4805a
      Size/MD5 checksum: 21092 ff6754b9b27594fdbdda0ad93bac2f7b
      Size/MD5 checksum: 76322 11913df764c049964bce98adfa672e88
      Size/MD5 checksum: 1084018 d8f938817a41b532b86273e4f6c0db34
      Size/MD5 checksum: 175824 47478ef97625435ee7147c574680ba64
      Size/MD5 checksum: 2452612 c0bc05d695868f7635863a8d79aa8e8c
      Size/MD5 checksum: 19116 7644182446358c8a5a5eb760176e5460
      Size/MD5 checksum: 69462 2ba9a93763fd084ec6582362536ca74e
      Size/MD5 checksum: 483650 519e6c22e397c553a3781e37c851692a
      Size/MD5 checksum: 20882 d5fe6a7e91b37a2a1b4a45032bc281f1
      Size/MD5 checksum: 197198 6119fc1f28eacace59de5af5e8f891b3
      Size/MD5 checksum: 35236 16137fcb042424a9bfeb8c84fb50f548
      Size/MD5 checksum: 881740 70452fdd39454f2dd6772df3fac0ec56

Motorola 680x0 architecture:
      Size/MD5 checksum: 53998 35ed87de2575319efc3c9b484c4d036f
      Size/MD5 checksum: 49800 0d11fe0fd46c311960892b2fc1cdfa36
      Size/MD5 checksum: 49910 af41e93b9186e5e2500f2ef85aba685e
      Size/MD5 checksum: 226830 1a244a39fc9a5320fc5fc806304064e1
      Size/MD5 checksum: 28748 929e249687f97770106f99eff12f7bc4
      Size/MD5 checksum: 1025990 56181b2577f48694cac345aa24eaf679
      Size/MD5 checksum: 21106 3286363787af3e7dc4d253da0f4ad4a0
      Size/MD5 checksum: 64390 92c1b3e5e0cbf5adc20694eaff9fbca5
      Size/MD5 checksum: 1030770 a728bc30c80578e4b5537bd29305b8a3
      Size/MD5 checksum: 121954 b81bc0fa82ea54a4bc656342d10da1cd
      Size/MD5 checksum: 2254598 090bb398e7e60c70cd68941688b8265c
      Size/MD5 checksum: 19140 45766c49fd0f053de83afb5a09832439
      Size/MD5 checksum: 55898 adfc548cf778e086454b1292fd185ff5
      Size/MD5 checksum: 472282 5e775ad9d630957c6bfcb2fa27d9d611
      Size/MD5 checksum: 20910 aee4d377e531ee564b4ede59c72b9246
      Size/MD5 checksum: 190478 050b5cb9671b04cc85e871c29bd9a00f
      Size/MD5 checksum: 34528 f98cd75d5e0dbd5a48c1facbe35860be
      Size/MD5 checksum: 796354 401d080c6f4b9fcba5a961e536c0ecd6

Big endian MIPS architecture:
      Size/MD5 checksum: 65126 1a7ae314f68e966e2b97d9f78cfbc44d
      Size/MD5 checksum: 58594 d9addff53b2b23ef064a965d78c66b47
      Size/MD5 checksum: 58716 2e5966c1a55ae95028dc0ea5a0ccac93
      Size/MD5 checksum: 282064 b0817ccf42f7b84bde1e7376d6328c32
      Size/MD5 checksum: 28712 6cdb6e59189202f0ac2ef9364d4dc87c
      Size/MD5 checksum: 1077876 92bd2894b55702ab85d9f320b0bd8b8f
      Size/MD5 checksum: 21092 98cdca1205c8df5e9617a5a87b03d7be
      Size/MD5 checksum: 75202 accefdf6ba16cb800d7ed0d270fc78d0
      Size/MD5 checksum: 1075972 49c313109f1e080706ef5ccdab966294
      Size/MD5 checksum: 126842 e14a2572b7822172dbe92cf9ad6a3c8c
      Size/MD5 checksum: 2464854 de305a8a9b0f6b5255ef4636637c33c9
      Size/MD5 checksum: 19118 a274213a386c5eac4ec44fd89868e2a2
      Size/MD5 checksum: 67676 ec725a5ad2dc8ed41bc9730061deb171
      Size/MD5 checksum: 484872 259b1f2232c534226c33e3313742d82d
      Size/MD5 checksum: 20886 4f332a8c220ccf95693a8ba8db08aa58
      Size/MD5 checksum: 197408 6f2eab5a341b7fd4f7508e72a0707155
      Size/MD5 checksum: 35184 d6c39a00d631735f33e74aa3ee01a518
      Size/MD5 checksum: 874250 13d18d58ad59287d6a889c79580632cd

Little endian MIPS architecture:
      Size/MD5 checksum: 65198 88719b6cabc7102c152c91784a162793
      Size/MD5 checksum: 58790 99f46ed39ffaa86e1fdcb23bed809a70
      Size/MD5 checksum: 58940 7982e4f6853808fe73caa4d7aff7d901
      Size/MD5 checksum: 281886 8dcf4b7bfac5b596e533153c5067bdc5
      Size/MD5 checksum: 28716 5315b53511d482744a4bddf0a3dc21d9
      Size/MD5 checksum: 959222 a8956b9c061c6a42fd705fac5516eb4b
      Size/MD5 checksum: 21084 9e71ed2f35a4d24a471164aea97600ce
      Size/MD5 checksum: 75372 5e67382bec814ae874324b9895aded1e
      Size/MD5 checksum: 954158 adc0cd8780a444bd6d705968ffc78596
      Size/MD5 checksum: 126150 ce883f78957c24bc6e8f26e3f4548870
      Size/MD5 checksum: 2224602 88c303553d8bfd1443d874e6e8b1f166
      Size/MD5 checksum: 19118 071f299565080d6f48ca9f00caa19993
      Size/MD5 checksum: 67974 fb3d04b42bc71dc108aa12dca7c51060
      Size/MD5 checksum: 424446 a1bf4020d9de04397879f08f52abde04
      Size/MD5 checksum: 20894 b9d1c5f318ee9bdb9bd99408cdc48a30
      Size/MD5 checksum: 197386 1c940a33923e064a82de828bd4a5a7ce
      Size/MD5 checksum: 35188 abbfb2e0ae60a7be51bfbd3e30f189dc
      Size/MD5 checksum: 813650 d823a3ab6e6017e945e6dbe5b5b1bde7

PowerPC architecture:
      Size/MD5 checksum: 62318 fe0af25519255d52b59b7cbf8f77e170
      Size/MD5 checksum: 57556 2370cee74eacd6ed5a8806e6cbbe5157
      Size/MD5 checksum: 57746 d0fdbbf7a9ea630bbfc56680b00d9ca4
      Size/MD5 checksum: 255380 e54ab3167bc643c4159438269ad06e72
      Size/MD5 checksum: 28718 f87d7749d84f916c523d70661fff82d3
      Size/MD5 checksum: 1067120 3db63ecaf86f851468638c57c81d3a95
      Size/MD5 checksum: 21094 a7f496b04019d65afc96cf38e8c98814
      Size/MD5 checksum: 74818 135cc41008660110