Date: 01 February 2010
Related Files:
ESB-2010.0090
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2010.0090.2
New maildrop packages fix regression
1 February 2010
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: maildrop
Publisher: Debian
Operating System: Debian GNU/Linux, UNIX variants (UNIX, Linux, OSX)
Impact/Access: Root Compromise -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2010-0301
Original Bulletin:
http://www.debian.org/security/2009/dsa-1981
Comment: This bulletin contains two (2) Debian security advisories; the
second addresses a Debian-specific regression introduced by the first.
This advisory references vulnerabilities in products which run on
platforms other than Debian. It is recommended that administrators
running maildrop check for an updated version of the software for
their operating system.
Revision History: February 1 2010: CVE Update
January 29 2010: Initial Release
--------------------------BEGIN INCLUDED TEXT--------------------
------------------------------------------------------------------------
Debian Security Advisory DSA-1981-2 security@debian.org
http://www.debian.org/security/ Steffen Joeris
January 28, 2010 http://www.debian.org/security/faq
------------------------------------------------------------------------
Package : maildrop
Vulnerability : privilege escalation
Problem type : local
Debian-specific: no
CVE Id : CVE-2010-0301
Debian Bug : 564601
The latest DSA for maildrop introduced two regressions. The maildrop
program stopped working when invoked as a non-root user, such as with
postfix. Also, the lenny version dropped a dependency on the
courier-authlib package.
For the stable distribution (lenny), this problem has been fixed in
version 2.0.4-3+lenny3.
For the oldstable distribution (etch), this problem has been fixed in
version 2.0.2-11+etch2.
For the testing distribution (squeeze) this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 2.2.0-3.1.
For reference, the original advisory text is below.
Christoph Anton Mitterer discovered that maildrop, a mail delivery agent
with filtering abilities, is prone to a privilege escalation issue that
grants a user root group privileges.
We recommend that you upgrade your maildrop packages.
Upgrade instructions
--------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
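An offline check of whether an installed maildrop package is at or above the versions this DSA names, added here as an example; it is not part of the Debian or AusCERT advisory. It reimplements the dpkg version-ordering rules in Python so it can be run against captured `dpkg-query` output (the sample output below is constructed); the suite keys and helper names are assumptions.

```python
from itertools import zip_longest
import re

# Fixed maildrop versions given in DSA-1981-2, keyed by Debian suite codename.
FIXED_VERSIONS = {"etch": "2.0.2-11+etch2", "lenny": "2.0.4-3+lenny3", "sid": "2.2.0-3.1"}

def _order(c):
    # dpkg character weights: '~' < end of string < letters < other non-digits.
    return -1 if c == "~" else 0 if c == "" else ord(c) if c.isalpha() else ord(c) + 256

def _cmp_fragment(a, b):
    # Alternate non-digit and digit runs, the way dpkg's verrevcmp() does.
    while a or b:
        sa, sb = re.match(r"[^0-9]*", a).group(), re.match(r"[^0-9]*", b).group()
        a, b = a[len(sa):], b[len(sb):]
        for ca, cb in zip_longest(sa, sb, fillvalue=""):
            if _order(ca) != _order(cb):
                return -1 if _order(ca) < _order(cb) else 1
        da, db = re.match(r"[0-9]*", a).group(), re.match(r"[0-9]*", b).group()
        a, b = a[len(da):], b[len(db):]
        if int(da or 0) != int(db or 0):
            return -1 if int(da or 0) < int(db or 0) else 1
    return 0

def _split(version):
    # "[epoch:]upstream[-revision]"; the last '-' separates the Debian revision.
    epoch, rest = version.split(":", 1) if ":" in version else ("0", version)
    upstream, revision = rest.rsplit("-", 1) if "-" in rest else (rest, "")
    return int(epoch), upstream, revision

def compare_versions(a, b):
    # Returns -1, 0 or 1, matching `dpkg --compare-versions a lt|eq|gt b`.
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)

def installed_version(dpkg_query_output):
    # Parses the output of: dpkg-query -W -f='${Package}\t${Version}\n' maildrop
    name, _, version = dpkg_query_output.strip().partition("\t")
    return version if name == "maildrop" else None

def is_fixed(installed, suite):
    # True once the installed package is at or above the version this DSA names.
    return compare_versions(installed, FIXED_VERSIONS[suite]) >= 0

# Constructed sample: a lenny host one Debian revision below the fixed version.
SAMPLE_DPKG_QUERY = "maildrop\t2.0.4-3+lenny2\n"
```

The ordering rules matter here: `3+lenny3` must sort above `3`, and a `~` suffix below its base version, which a plain string comparison gets wrong.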
Debian GNU/Linux 4.0 alias etch
-------------------------------
Debian (oldstable)
------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64,
mips, mipsel, powerpc, s390 and sparc.
Debian GNU/Linux 5.0 alias lenny
--------------------------------
Debian (stable)
---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
These files will probably be moved into the stable distribution on
its next update.
---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
--------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================