Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 26 Jul 2010 10:46:14 +0200
From: Jan Lieskovsky <jlieskov@...hat.com>
To: "Steven M. Christey" <coley@...us.mitre.org>
CC: oss-security <oss-security@...ts.openwall.com>
Subject: CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow

Hi Steve, vendors,

   Brendan Boerner reported:
   [1] https://bugs.launchpad.net/ubuntu/+source/ssmtp/+bug/282424

a deficiency in the way ssmtp removed trailing '\n' sequence
by processing lines beginning with a leading dot. A local user,
could send a specially-crafted e-mail message via ssmtp send-only
sendmail emulator, leading to ssmtp executable denial of service (exit with:
ssmtp: standardise() -- Buffer overflow). Different vulnerability
than CVE-2008-3962.

References:
   [2] https://bugzilla.redhat.com/show_bug.cgi?id=582236
   [3] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3962
   [4] http://patch-tracker.debian.org/package/ssmtp/2.62-3
   [5] http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041012.html
   [6] http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041009.html
   [7] http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041119.html

Debian Linux distribution patch:
   [8] http://patch-tracker.debian.org/patch/series/view/ssmtp/2.62-3/345780-standardise-bufsize

Public PoC (from https://bugzilla.redhat.com/show_bug.cgi?id=582236#c0):
   [9] ( 0. Install & configure ssmtp, of course )
         1. (echo -n . ; for i in {1..2050} ; do echo -n $i ; done) | mail root

Couldn't find CVE-2008-XXXX ssmtp identifier for this
(http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ssmtp).

Steve, could you allocate one?

Thanks && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.