
SuSE Security Announcement: pop

Written By
Web Webster
Mar 22, 2001

Date: Thu, 22 Mar 2001 20:48:30 +0100 (CET)
From: Thomas Biege <thomas@suse.de>
To: suse-security-announce@suse.com
Subject: [suse-security-announce] SuSE Security Announcement: pop
(SuSE-SA:2001:06)


                        SuSE Security Announcement

        Package:                pop
        Announcement-ID:        SuSE-SA:2001:06
        Date:                   Wednesday, March 21th, 2001 19.19 MEST
        Affected SuSE versions: 6.1
        Vulnerability Type:     remote command execution
        Severity (1-10):        2
        SuSE default package:   no
        Other affected systems: all systems using the pop package

        Content of this advisory:
        1) security vulnerability resolved: imapd, ipop2d, ipop3d
           problem description, discussion, solution and upgrade information
        2) pending vulnerabilities, solutions, workarounds
        3) standard appendix (further information)

1) problem description, brief discussion, solution, upgrade
information

The eMail access daemons imapd(8), ipop2d(8) and ipop3d(8) of
SuSE 6.1 are vulnerable to several buffer overflows. Due to a
misconfiguration these vulnerabilities could be triggered remotely
after a user had been authenticated.

Download the update package from locations described below and
install the package with the command `rpm -Uhv file.rpm'. The
md5sum for each file is in the line below. You can verify the
integrity of the rpm files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.

i386 Intel Platform:

SuSE-6.1

ftp://ftp.suse.com/pub/suse/i386/update/6.1/n1/pop-2001.3.21-0.i386.rpm

1277deee87f3d1553ee18ae078d646aa
source rpm:

ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/pop-2001.3.21-0.src.rpm

ce326335b36e51b6a635b69fc0106911

AXP Alpha Platform:

SuSE-6.1

ftp://ftp.suse.com/pub/suse/axp/update/6.1/n1/pop-2001.3.21-0.alpha.rpm

33405d29e279795d99853a1235a821f9
source rpm:

ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/pop-2001.3.21-0.src.rpm

eecd7c9ac81397f9eb7b2bee01a0154d


2) Pending vulnerabilities in SuSE Distributions and
Workarounds:

- joe (configuration file vulnerability): The problem has been
reported on multiple security-related mailing lists. We are about
to provide fixed packages.

- The game spaceboom (SVGA shoot'em up) has been found
vulnerable to multiple vulnerabilities. As a reaction to these
bugs, the spaceboom game has been dropped from the distribution. We
recommend to deinstall the game from our 6.x and 7.x distribution
by using the command `rpm -e space', or to remove the suid
bit from the file /usr/games/SpaceBoom/SpaceBoom using the
command
`chmod -s /usr/games/SpaceBoom/SpaceBoom'.
(Note: removing the suid bit prevents the game from being used by
non-root users and from being reinstalled after removal.)

- We are in the process of preparing update packages for the man
package which has been found vulnerable to a commandline format
string bug. The man command is installed suid man on SuSE systems.
When exploited, the bug can be used to install a different man
binary to introduce a trojan into the system. As an interim
workaround, we recommend to `chmod -s /usr/bin/man' and
ignore the warnings and errors when viewing manpages.

- The file browser MidnightCommander (mc) is vulnerable to
unwanted program execution. Updates are currently being built.

- A new nkitb/nkitserv package will be available soon. This
update addresses bugs in timed, in.ftpd.

- New RPMs that fix a vulnerability in the eperl package for
SuSE 6.1-7.1 are currently being built.


3) standard appendix:

SuSE runs two security mailing lists to which any interested
party may subscribe:

    suse-security@suse.com
        -   general/linux/SuSE security discussion.
            All SuSE security announcements are sent to this list.
            To subscribe, send an email to
                suse-security-subscribe@suse.com.

    suse-security-announce@suse.com
        -   SuSE's announce-only mailing list.
            Only SuSE's security announcements are sent to this list.
            To subscribe, send an email to
                suse-security-announce-subscribe@suse.com.

    For general information or the frequently asked questions (faq)
    send mail to:
        suse-security-info@suse.com or
        suse-security-faq@suse.com respectively.


    SuSE's security contact is security@suse.com.


The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. SuSE GmbH
makes no warranties of any kind whatsoever with respect to the
information contained in this security advisory.
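
The md5 check described in section 1, as an added example that is not part of the SuSE advisory: it reads the checksum listed under a package URL in a saved copy of an advisory laid out like this one and compares it with a downloaded file. The function names, the `ftp.example.invalid` URLs and the demo data are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: check a downloaded package against the md5 line that
# follows its URL in an advisory laid out like the one above.

# expected_md5 ADVISORY URL -> prints the 32-hex-digit line listed after URL.
# Keyed on the full URL: the same src.rpm file name appears under both
# i386 and axp with different checksums.
expected_md5() {
    awk -v url="$2" '
        $1 == url               { want = 1; next }
        /^[[:space:]]*ftp:\/\// { want = 0; next }
        want && length($1) == 32 && $1 ~ /^[0-9a-f]+$/ { print $1; exit }
    ' "$1"
}

# verify_pkg ADVISORY URL FILE -> 0 match, 1 mismatch, 2 cannot check.
verify_pkg() {
    [ -r "$3" ] || { echo "cannot read $3" >&2; return 2; }
    want=$(expected_md5 "$1" "$2")
    [ -n "$want" ] || { echo "no checksum listed for $2" >&2; return 2; }
    have=$(md5sum "$3" | awk '{ print $1 }')
    [ "$have" = "$want" ] && { echo "OK $3"; return 0; }
    echo "MISMATCH $3: expected $want, got $have" >&2
    return 1
}

# Constructed demo: a stand-in file and an advisory excerpt built around it
# (not the real packages or checksums).
demo() {
    d=$(mktemp -d) || return 2
    u=ftp://ftp.example.invalid
    printf 'constructed package body\n' > "$d/pkg.src.rpm"
    sum=$(md5sum "$d/pkg.src.rpm" | awk '{ print $1 }')
    cat > "$d/advisory.txt" <<EOF
$u/i386/zq1/pkg.src.rpm

$sum
source rpm:
$u/axp/zq1/pkg.src.rpm

00000000000000000000000000000000
EOF
    verify_pkg "$d/advisory.txt" "$u/i386/zq1/pkg.src.rpm" "$d/pkg.src.rpm" && r1=0 || r1=$?
    verify_pkg "$d/advisory.txt" "$u/axp/zq1/pkg.src.rpm" "$d/pkg.src.rpm" 2>/dev/null && r2=0 || r2=$?
    rm -rf "$d"
    echo "i386 entry: $r1, axp entry: $r2"
}
demo
```

A match only shows that the file is the one the advisory text lists; the advisory's `rpm --checksig` step is the separate check of the package itself.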
