copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Training
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login

  Home » Security Bul... » Security Bul... » AusCERT Exte... » ESB-2010.0086 - [UNIX/Linux][Debian] ircd-hybrid/irc...
 

ESB-2010.0086 - [UNIX/Linux][Debian] ircd-hybrid/ircd-ratbox: Multiple vulnerabilities
Date: 28 January 2010

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2010.0086
     New ircd-hybrid/ircd-ratbox packages fix arbitrary code execution
                              28 January 2010

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           ircd-hybrid
                   ircd-ratbox
Publisher:         Debian
Operating System:  Debian GNU/Linux
                   UNIX variants (UNIX, Linux, OSX)
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2010-0300 CVE-2009-4016 

Original Bulletin: 
   http://www.debian.org/security/2009/dsa-1980

Comment: This advisory references vulnerabilities in products which run on 
         platforms other than Debian. It is recommended that administrators 
         running ircd-hybrid or ircd-ratbox check for an updated version of 
         the software for their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1980-1                  security@debian.org
http://www.debian.org/security/                      Steffen Joeris
January 27, 2010                      http://www.debian.org/security/faq
- - ------------------------------------------------------------------------

Package        : ircd-hybrid/ircd-ratbox
Vulnerability  : integer underflow/denial of service
Problem type   : remote
Debian-specific: no
CVE Ids        : CVE-2009-4016 CVE-2010-0300


David Leadbeater discovered an integer underflow that could be triggered
via the LINKS command and can lead to a denial of service or the
execution of arbitrary code (CVE-2009-4016). This issue affects both,
ircd-hybrid and ircd-ratbox.

It was discovered that the ratbox IRC server is prone to a denial of
service attack via the HELP command. The ircd-hybrid package is not
vulnerable to this issue (CVE-2010-0300).


For the stable distribution (lenny), this problem has been fixed in
version 1:7.2.2.dfsg.2-4+lenny1 of the ircd-hybrid package and in
version 2.2.8.dfsg-2+lenny1 of ircd-ratbox.

Due to a bug in the archive software it was not possible to release the
fix for the oldstable distribution (etch) simultaneously. The packages
will be released as version 7.2.2.dfsg.2-3+etch1 once they become
available.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.


We recommend that you upgrade your ircd-hybrid/ircd-ratbox packages.


Upgrade instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- - --------------------------------

Debian (stable)
- - ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1.dsc
    Size/MD5 checksum:     1139 a48d912892925013b37fb773841d6710
  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2.orig.tar.gz
    Size/MD5 checksum:   756749 75896381ea6330aea860b35fff3c34bb
  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1.diff.gz
    Size/MD5 checksum:   115007 a8d23129d0675ff779e5e315f8632a6b
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1.diff.gz
    Size/MD5 checksum:    18289 04a221b2b8dfd0654778a6608c7cb66b
  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1.dsc
    Size/MD5 checksum:     1230 f79125aafcc5d9fcbd09bedadd69fce7
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg.orig.tar.gz
    Size/MD5 checksum:   673439 0eb7d1430a997a37af03f8b2f9eed4bb

Architecture independent packages:

  http://security.debian.org/pool/updates/main/i/ircd-hybrid/hybrid-dev_7.2.2.dfsg.2-4+lenny1_all.deb
    Size/MD5 checksum:    65708 85dba185f2fdd9e7b3c423ae8722cc2f

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_alpha.deb
    Size/MD5 checksum:   568252 35a559f24895dab0fbe71f6af3a8c0b1
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_alpha.deb
    Size/MD5 checksum:   929788 583d32d5afc9747d824499183d4a5761
  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_alpha.deb
    Size/MD5 checksum:   660008 1a2bca514133dbc27f91bca69ed2122e

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_amd64.deb
    Size/MD5 checksum:   937710 2867b5535578c017699418acab7565b7
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_amd64.deb
    Size/MD5 checksum:   542006 52ca320cdd28849bd65065c921f03623
  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_amd64.deb
    Size/MD5 checksum:   634416 d320f0d1b77cb08cb0caa9c9644d13aa

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_arm.deb
    Size/MD5 checksum:   589350 451a5bcf2b4b8f40e39128be3fdc479d

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_armel.deb
    Size/MD5 checksum:   894654 4daf0784d8865e75c378630d7cf2d870
  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_armel.deb
    Size/MD5 checksum:   595420 bf40953d00dbccd069b1596b6c84eadc
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_armel.deb
    Size/MD5 checksum:   504238 785107a5a9fa3dcd88f2a12916d47092

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_hppa.deb
    Size/MD5 checksum:   908902 8e1ebf2baf27a71f008eba792cdd87d7
  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_hppa.deb
    Size/MD5 checksum:   647938 c67f473e9b4ae77a5578359c76ff5e75
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_hppa.deb
    Size/MD5 checksum:   554656 00af4d733f43a8404b2e62718a4bd341

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_i386.deb
    Size/MD5 checksum:   591346 7a9ccd0273005c654f5e78d6ba9d29d6
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_i386.deb
    Size/MD5 checksum:   891002 796bbd22c352ec873c9705e560492dbe
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_i386.deb
    Size/MD5 checksum:   499796 24e0d7b1284b3d7c3688366e9a8c493e

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_ia64.deb
    Size/MD5 checksum:   783482 28568b727f452ef622cb8939618dde23
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_ia64.deb
    Size/MD5 checksum:   685370 17507ab3172ad5e1fd88ea05c70f68c4
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_ia64.deb
    Size/MD5 checksum:   906848 4561656a5c033c9b647f146a13e79322

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_mips.deb
    Size/MD5 checksum:   506502 854cd9c98a5eaf38e3f815fd79d20c9a
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_mips.deb
    Size/MD5 checksum:   918546 5307013e962c38b405db7507e251a31d
  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_mips.deb
    Size/MD5 checksum:   601610 9fc6640bb08a3af295589b72f6667087

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_mipsel.deb
    Size/MD5 checksum:   912794 6024ad0383d9696c727203a0af740630
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_mipsel.deb
    Size/MD5 checksum:   504864 ac200b212ed5ed69095b90bba53558f3
  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_mipsel.deb
    Size/MD5 checksum:   599656 f32d222728582a36d1a75494d87340af

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_powerpc.deb
    Size/MD5 checksum:   732146 445dc7f28c92455ed3293b9b6b795020
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_powerpc.deb
    Size/MD5 checksum:  1001328 bca90faf524223bb06bb47774ee7d147
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_powerpc.deb
    Size/MD5 checksum:   639750 282ee75ee6b2e2fefcda221fb930bc6b

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_s390.deb
    Size/MD5 checksum:   905196 cc484c7b4f807227ff75af729504ca0c
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_s390.deb
    Size/MD5 checksum:   537006 3c24b451ae8fdd846d982982fa652535
  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_s390.deb
    Size/MD5 checksum:   616620 d9bba18dc19104a06d57403bf93e64a6

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_sparc.deb
    Size/MD5 checksum:   843350 99cd0379e8623f3265bbba3eb8578e86
  http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_sparc.deb
    Size/MD5 checksum:   586408 87cbcdd0fadac9c2d17c71cb5df907f7
  http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_sparc.deb
    Size/MD5 checksum:   498376 a117209c1ed8b9104bee8a154d390fd0


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAktgoccACgkQ62zWxYk/rQdv9gCfUjTdEehRZSMgLqcSEUdOyy2d
XvMAniS7ut9hqsHpASG+55i86DfEQ6wH
=Ph5o
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iD8DBQFLYMO+NVH5XJJInbgRAs6vAJ49cEcqclJp+G869VBov/mcW1CKMgCgh4iv
IzWbVCBH8XJojn4LoMVklLA=
=MxhM
-----END PGP SIGNATURE-----




Comments? Click here http://www.auscert.org.au/render.html?cid=1980&it=12300