Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 11 Sep 2008 11:25:10 +0200
From: Robert Buchholz <rbu@...too.org>
To: oss-security@...ts.openwall.com
Subject: Re: ssmtp =2.62 unitialized memory disclosure

On Tuesday 09 September 2008, Robert Buchholz wrote:
> Hi,
>
> Maurice van der Pot of Gentoo reported a bug in ssmtp 2.62:
> The from_format() function in ssmtp.c will call strdup() on an
> unitialized memory if the user's gecos is unset and
> "FromLineOverride" is disabled in the configuration. This might
> disclose memory contents by sending them off in the the "From:" field
> of an email or cause a (client) crash.
>
> We're handling this as bug 234391 [ https://bugs.gentoo.org/234391 ].
> Patch: https://bugs.gentoo.org/attachment.cgi?id=165005
>
> ssmtp 2.61 is not affected.

As Tomas Hoger pointed out on IRC, 2.61 is affected as well -- I 
accidently checked our patched sources and not the vanilla tarball.
We added a patch to 2.61 in 2006, and accidently dropped it when bumping 
to 2.62.
Back then, this was bug 127592 [ https://bugs.gentoo.org/127592 ].

Thanks,
Robert

Download attachment "signature.asc " of type "application/pgp-signature" (836 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.