Hylafax Mailing List Archives
[hylafax-users] FYI: FW: [suse-security-announce] SuSE Security Announcement: hylafax (SuSE-SA:2001:15)
> -----Original Message-----
> From: Thomas Biege [mailto:thomas@suse.de]
> Sent: Friday, April 20, 2001 11:34 AM
> To: suse-security-announce@suse.com
> Subject: [suse-security-announce] SuSE Security Announcement: hylafax
> (SuSE-SA:2001:15)
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> ______________________________________________________________________________
>
> SuSE Security Announcement
>
> Package: hylafax
> Announcement-ID: SuSE-SA:2001:15
> Date: Friday, April 20th, 2001 10.26 MEST
> Affected SuSE versions: [6.1, 6.2,] 6.3, 6.4, 7.0, 7.1
> Vulnerability Type: local root compromise
> Severity (1-10): 7
> SuSE default package: no
> Other affected systems: all systems using hylafax
>
> Content of this advisory:
> 1) security vulnerability resolved: hylafax
> problem description, discussion, solution and upgrade information
> 2) pending vulnerabilities, solutions, workarounds
> 3) standard appendix (further information)
>
> ______________________________________________________________________________
>
> 1) problem description, brief discussion, solution, upgrade information
>
> The HylaFax program hfaxd(8c) implements the server part of the
> HylaFax package. It is started either by inetd(8) or runs in
> standalone mode. hfaxd(8c) offers three different protocols to
> process fax jobs.
> When hfaxd(8c) tries to change to its queue directory and fails,
> it prints an error message via syslog by directly passing user
> supplied data as format string. As long as hfaxd(8c) is installed
> setuid root, this behavior could be exploited to gain root access
> locally.
>
> As a workaround remove the setuid bit:
> /bin/chmod u-s /usr/lib/fax/hfaxd
> or restrict access to trusted users only:
> /bin/chown root.trusted /usr/lib/fax/hfaxd
> /bin/chmod 4750 /usr/lib/fax/hfaxd
>
> Download the update package from locations described below and install
> the package with the command `rpm -Uhv file.rpm'. The md5sum for each
> file is in the line below. You can verify the integrity of the rpm
> files using the command
> `rpm --checksig --nogpg file.rpm',
> independently from the md5 signatures below.
>
>
>
> i386 Intel Platform:
>
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/i386/update/7.1/n3/hylafax-4.1beta2-251.i386.rpm
> a3d5d0d5a8977852b02dc9b7352054aa
> source rpm:
> ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/hylafax-4.1beta2-251.src.rpm
> b5c8877de53db86eabfae932142221d7
>
> SuSE-7.0
> ftp://ftp.suse.com/pub/suse/i386/update/7.0/n2/hylafax-4.1beta2-254.i386.rpm
> 5be3094195a789d83b02d59ab343d7b5
> source rpm:
> ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/hylafax-4.1beta2-254.src.rpm
> 87ee1d77eea95eac74c6b8355912ad9f
>
> SuSE-6.4
> ftp://ftp.suse.com/pub/suse/i386/update/6.4/n2/hylafax-4.1beta2-253.i386.rpm
> 90a894b8d47a94125992f3a64a6ada44
> source rpm:
> ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/hylafax-4.1beta2-253.src.rpm
> 7b53ca017efdd9371c9a6207095a8c2f
>
> SuSE-6.3
> ftp://ftp.suse.com/pub/suse/i386/update/6.3/n2/hylafax-4.1beta2-252.i386.rpm
> 340e64a902a2e3f73b7d1771739c5b59
> source rpm:
> ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/hylafax-4.1beta2-252.src.rpm
> edb05a6191ab7d5533d1d9eb9ef0d255
>
>
>
> Sparc Platform:
>
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n3/hylafax-4.1beta2-218.sparc.rpm
> 1449e568071f5fb6080efebb8f2a7a2b
> source rpm:
> ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/hylafax-4.1beta2-218.src.rpm
> bf8c780206da51bc548e9fd4264b9bfc
>
> SuSE-7.0
> ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n2/hylafax-4.1beta2-218.sparc.rpm
> bb265465ea8b84ca31b5c954266daf1d
> source rpm:
> ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/hylafax-4.1beta2-218.src.rpm
> b5bcae601fe056f399fc8696aa156529
>
>
>
> AXP Alpha Platform:
>
> SuSE-7.0
> ftp://ftp.suse.com/pub/suse/axp/update/7.0/n2/hylafax-4.1beta2-211.alpha.rpm
> 2ee3176e2b425c494bd37d22f2ea090c
> source rpm:
> ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/hylafax-4.1beta2-211.src.rpm
> f89c3771432d84a3e7c3ab2f4331d73c
>
> SuSE-6.4
> ftp://ftp.suse.com/pub/suse/axp/update/6.4/n2/hylafax-4.1beta2-211.alpha.rpm
> 5aecfb997867f8f72164f27dc220f95b
> source rpm:
> ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/hylafax-4.1beta2-211.src.rpm
> 09f1cbb3714dfe75e1aa3ff2a52c13a3
>
> SuSE-6.3
> ftp://ftp.suse.com/pub/suse/axp/update/6.3/n2/hylafax-4.1beta2-211.alpha.rpm
> 39f12bc3f09bab26c60df98a2b52b64e
> source rpm:
> ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/hylafax-4.1beta2-211.src.rpm
> 6a48eac9982dfca01a1ed904cacfb2c8
>
>
>
> PPC PowerPC Platform:
>
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n3/hylafax-4.1beta2-164.ppc.rpm
> a42c7bc70e25a6725d8e2a76870be1d4
> source rpm:
> ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/hylafax-4.1beta2-164.src.rpm
> 9c064b869fb7c73f453a254b5f3780be
>
> SuSE-7.0
> ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n2/hylafax-4.1beta2-165.ppc.rpm
> 81387d514f089a7060bc6dacb15358a8
> source rpm:
> ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/hylafax-4.1beta2-165.src.rpm
> 35ec2293fb0390cb827935499506ed89
>
> SuSE-6.4
> ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n2/hylafax-4.1beta2-165.ppc.rpm
> be20c8f1ef2488c8db711744eab2233b
> source rpm:
> ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/hylafax-4.1beta2-165.src.rpm
> 4af4d6b8e948b39a1d4040adaad27c0a
>
>
> ______________________________________________________________________________
>
> 2) Pending vulnerabilities in SuSE Distributions and Workarounds:
>
> - Updated man RPMs will be available in a few days.
>
> - In the past weeks, some security related bugs in the Linux kernel 2.2
> and 2.4 were found. An announcement that addresses this will be
> released asap.
>
> - Samba has several security problems, which could lead to local root
> access. Samba 2.0.8 fixes these problems. New RPMs are currently being
> built.
>
> ______________________________________________________________________________
>
> 3) standard appendix:
>
> SuSE runs two security mailing lists to which any interested party may
> subscribe:
>
> suse-security@suse.com
> - general/linux/SuSE security discussion.
> All SuSE security announcements are sent to this list.
> To subscribe, send an email to
> <suse-security-subscribe@suse.com>.
>
> suse-security-announce@suse.com
> - SuSE's announce-only mailing list.
> Only SuSE's security announcements are sent to this list.
> To subscribe, send an email to
> <suse-security-announce-subscribe@suse.com>.
>
> For general information or the frequently asked questions (faq)
> send mail to:
> <suse-security-info@suse.com> or
> <suse-security-faq@suse.com> respectively.
>
> ===============================================
> SuSE's security contact is <security@suse.com>.
> ===============================================
>
> ______________________________________________________________________________
>
> The information in this advisory may be distributed or reproduced,
> provided that the advisory is not modified in any way.
> SuSE GmbH makes no warranties of any kind whatsoever with respect
> to the information contained in this security advisory.
>
>
>
> Bye,
> Thomas
> --
> Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
> E@mail: thomas@suse.de Function: Security Support & Auditing
> "lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
> Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 84
>
>
> --
> To unsubscribe, e-mail: suse-security-announce-unsubscribe@suse.com
> For additional commands, e-mail: suse-security-announce-help@suse.com
>
____________________ HylaFAX(tm) Users Mailing List _______________________
To unsub: mail -s unsubscribe hylafax-users-request@hylafax.org < /dev/null
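
The bug class the advisory describes (user-supplied data passed as the format string of a syslog-style call) is shown below next to its fix. This is an added example, not code from HylaFAX or from the SuSE advisory; log_msg, report_chdir_failure and count_conversions are hypothetical names, and log_msg is a buffer-backed stand-in for syslog(3) so the result can be inspected.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for syslog(3): formats into a buffer instead of
 * sending to the system log, so the logged text can be checked. */
static char last_msg[256];

/* The format attribute lets GCC/Clang flag non-literal format strings
 * at call sites when built with -Wformat -Wformat-security. */
static void log_msg(const char *fmt, ...) __attribute__((format(printf, 1, 2)));

static void log_msg(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(last_msg, sizeof last_msg, fmt, ap);
    va_end(ap);
}

/* Pattern described in the advisory (do NOT write this):
 *     log_msg(dir);             i.e. syslog(LOG_ERR, dir);
 * Any '%' directive inside dir would be interpreted by the formatter.
 *
 * Hardened form: the format is a constant, untrusted data is an argument. */
const char *report_chdir_failure(const char *dir)
{
    log_msg("cannot change to queue directory %s", dir);
    return last_msg;
}

/* Audit helper: counts conversion directives in a string, e.g. to flag
 * untrusted input that would be dangerous if it reached a format slot. */
int count_conversions(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }   /* literal percent sign */
        if (s[1] == '\0') break;              /* trailing lone '%' */
        n++;
    }
    return n;
}

int main(void)
{
    const char *dir = "/tmp/%x%x%s";          /* constructed sample input */
    printf("%d directive(s); logged: %s\n",
           count_conversions(dir), report_chdir_failure(dir));
    return 0;
}
```

With the constant format string the directives in the directory name are logged literally rather than interpreted.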