首页 -> 安全研究
安全研究
安全漏洞
Eric S. Raymond Fetchmail恶意邮件头造成堆破坏漏洞
发布日期:2002-12-17
更新日期:2002-12-24
受影响系统:
Eric Raymond Fetchmail 6.1.3不受影响系统:
Eric Raymond Fetchmail 6.1.0
Eric Raymond Fetchmail 6.0.0
Eric Raymond Fetchmail 5.9.9
Eric Raymond Fetchmail 5.9.8
Eric Raymond Fetchmail 5.9.7
Eric Raymond Fetchmail 5.9.6
Eric Raymond Fetchmail 5.9.5
Eric Raymond Fetchmail 5.9.4
Eric Raymond Fetchmail 5.9.3
Eric Raymond Fetchmail 5.9.2
Eric Raymond Fetchmail 5.9.14
Eric Raymond Fetchmail 5.9.13
Eric Raymond Fetchmail 5.9.12
Eric Raymond Fetchmail 5.9.11
Eric Raymond Fetchmail 5.9.10
Eric Raymond Fetchmail 5.9.1
Eric Raymond Fetchmail 5.9.0
- Conectiva Linux 8.0
- Conectiva Linux 7.0
- Conectiva Linux 6.0
- Debian Linux 3.0
- RedHat Linux 7.2
- RedHat Linux 7.1
- RedHat Linux 7.0
- RedHat Linux 6.2
Eric Raymond Fetchmail 6.2.0描述:
BUGTRAQ ID: 6390
CVE(CAN) ID: CVE-2002-1365
Fetchmail是一款由Eric S. Raymond维护的免费开放源代码邮件过滤系统。
Fetchmail在执行reply-hack操作时没有为搜索到的地址分配足够的空间,远程攻击者可以利用这个漏洞提交包含恶意头信息的邮件给目标用户,造成基于堆的破坏。
当Fetchmail接收到EMAIL时会执行reply-hack操作,这个操作将对邮件头中包含的地址进行搜索,搜索是否有本地地址(不包含@domain)。当此地址找到时,Fetchmail会追加@和邮件服务器主机名。在分配这些地址的空间时,只对主机名数值进行了计算,而没有处理@符号,因此邮件头中包含超长本地地址可能导致发生基于单字节的溢出,精心构建提交数据可能以本地进程权限在系统上执行任意指令。
<*来源:Stefan Esser (s.esser@ematters.de)
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=103979751818638&w=2
https://www.redhat.com/support/errata/RHSA-2002-293.html
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000554
*>
建议:
厂商补丁:
Conectiva
---------
Conectiva已经为此发布了一个安全公告(CLA-2002:554)以及相应补丁:
CLA-2002:554:fetchmail
链接:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000554
补丁下载:
Conectiva Upgrade fetchmail-5.9.12-1U60_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/fetchmail-5.9.12-1U60_4cl.i386.rpm
Conectiva Upgrade fetchmailconf-5.9.12-1U60_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/fetchmailconf-5.9.12-1U60_4cl.i386.rpm
Conectiva Upgrade fetchmail-doc-5.9.12-1U60_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/fetchmail-doc-5.9.12-1U60_4cl.i386.rpm
Conectiva Upgrade fetchmail-5.9.12-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/fetchmail-5.9.12-1U70_4cl.i386.rpm
Conectiva Upgrade fetchmailconf-5.9.12-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/fetchmailconf-5.9.12-1U70_4cl.i386.rpm
Conectiva Upgrade fetchmail-doc-5.9.12-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/fetchmail-doc-5.9.12-1U70_4cl.i386.rpm
Conectiva Upgrade fetchmail-5.9.12-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/fetchmail-5.9.12-1U80_3cl.i386.rpm
Conectiva Upgrade fetchmailconf-5.9.12-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/fetchmailconf-5.9.12-1U80_3cl.i386.rpm
Conectiva Upgrade fetchmail-doc-5.9.12-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/fetchmail-doc-5.9.12-1U80_3cl.i386.rpm
Eric Raymond
------------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Eric Raymond Upgrade fetchmail-6.2.0.tar.gz
http://www.tuxedo.org/~esr/fetchmail/fetchmail-6.2.0.tar.gz
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2002:293-09)以及相应补丁:
RHSA-2002:293-09:Updated Fetchmail packages fix security vulnerability
链接:https://www.redhat.com/support/errata/RHSA-2002-293.html
补丁下载:
RedHat RPM fetchmail-5.9.0-21.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/fetchmail-5.9.0-21.8.0.i386.rpm
RedHat RPM fetchmailconf-5.9.0-21.7.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/fetchmailconf-5.9.0-21.7.3.i386.rpm
RedHat RPM fetchmail-5.9.0-21.7.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/fetchmail-5.9.0-21.7.3.i386.rpm
RedHat RPM fetchmailconf-5.9.0-21.7.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/fetchmailconf-5.9.0-21.7.3.ia64.rpm
RedHat RPM fetchmail-5.9.0-21.7.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/fetchmail-5.9.0-21.7.3.ia64.rpm
RedHat RPM fetchmailconf-5.9.0-21.7.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/fetchmailconf-5.9.0-21.7.3.i386.rpm
RedHat RPM fetchmail-5.9.0-21.7.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/fetchmail-5.9.0-21.7.3.i386.rpm
RedHat RPM fetchmailconf-5.9.0-21.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/fetchmailconf-5.9.0-21.7.1.i386.rpm
RedHat RPM fetchmail-5.9.0-21.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/fetchmail-5.9.0-21.7.1.i386.rpm
RedHat RPM fetchmailconf-5.9.0-21.7.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/fetchmailconf-5.9.0-21.7.1.i386.rpm
RedHat RPM fetchmail-5.9.0-21.7.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/fetchmail-5.9.0-21.7.1.i386.rpm
RedHat RPM fetchmailconf-5.9.0-21.6.2.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/fetchmailconf-5.9.0-21.6.2.i386.rpm
RedHat RPM fetchmail-5.9.0-21.6.2.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/fetchmail-5.9.0-21.6.2.i386.rpm
浏览次数:3076
严重程度:0(网友投票)
绿盟科技给您安全的保障