ISS X-Force Database: fetchmail-multidrop-bo(10203): Fetchmail multi-drop mode multiple buffer overflows

Fetchmail multi-drop mode multiple buffer overflows

fetchmail-multidrop-bo (10203)

High Risk

Description:

Fetchmail is vulnerable to multiple buffer overflows that could occur when Fetchmail is configured to run in the multi-drop mode. By sending a malicious email with malformed mail header data, a remote attacker can overflow a buffer and execute arbitrary code on the system with privileges of the Fetchmail daemon, possibly root, or cause the Fetchmail daemon to crash.

Consequences:

Gain Access

Remedy:

Upgrade to the latest version of Fetchmail (6.1.0 or later), available from the Fetchmail Web page. See References.

For Gentoo Linux containing the fetchmail packages:
Upgrade versions net-mail/fetchmai-0.59.14 and earlier, as listed in Gentoo Linux Security Announcement 2002-10-01 09:30 UTC . See References.

For EnGarde Secure Linux: Community Edition:
Upgrade to the latest version of fetchmail-ssl (6.1.0-1.0.5 or later), as listed in EnGarde Secure Linux Security Advisory ESA-20021003-023. See References.

For Debian GNU/Linux:
Upgrade to the latest fetchmail package, as listed below. Refer to DSA-171-1 for more information. See References.

Debian GNU/Linux 2.2 (potato): 5.3.3-4.2 or later Debian GNU/Linux 3.0 (woody): 5.9.11-6.1 or later

For Red Hat Linux:
Upgrade to the latest fetchmail package, as listed below. Refer to RHSA-2002:215-09 for more information. See References.

Red Hat Linux 6.2: 5.9.0-18 or later
Red Hat Linux 7.0: 5.9.0-19 or later
Red Hat Linux 7.2 and 7.3: 5.9.0-20 or later
Red Hat Linux 8.0: 5.9.0-21 or later

For Conectiva Linux:
Upgrade to the latest fetchmail package, as listed below. Refer to Conectiva Linux Announcement CLSA-2002:531. See References.

Conectiva Linux 6.0: 5.9.12-1U60_3cl or later
Conectiva Linux 7.0: 5.9.12-1U70_3cl or later
Conectiva Linux 8.0: 5.9.12-1U80_2cl or later

Apply the appropriate patch for your system, as listed in Sun Alert ID: 47784. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

Conectiva Linux Announcement CLSA-2002:531: Multidrop mode vulnerabilities.
e-matters Security Advisory 03/2002: Fetchmail remote vulnerabilities.
EnGarde Secure Linux Security Advisory ESA-20021003-023: buffer overflows and broken boundary checks.
Fetchmail Web Page: The fetchmail Home Page.
Gentoo Linux Security Announcement 2002-10-01 09:30 UTC: fetchmail.
Sun Alert ID: 47784: Sun Linux/Sun Cobalt Security Vulnerability in "fetchmail".
BID-5825: Eric S. Raymond Fetchmail Email Header Parsing Buffer Overflow Vulnerability
BID-5826: Eric S. Raymond Fetchmail Multidrop Mode Denial Of Service Vulnerability
BID-5827: Eric S. Raymond Fetchmail Multidrop Mode Email Header Parsing Heap Overflow Vulnerability
CVE-2002-1174: Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers, which are not properly parsed by the parse_received function.
CVE-2002-1175: The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts to read data beyond the expected boundary.
DSA-171: fetchmail -- buffer overflows
MDKSA-2002:063: Updated fetchmail packages fix various vulnerabilities
RHSA-2002-215: Updated fetchmail packages fix vulnerabilities
RHSA-2002-216: fetchmail security update
RHSA-2003-155: Updated Fetchmail packages fix security vulnerabilities

Platforms Affected:

Conectiva Linux 6.0
Conectiva Linux 7.0
Conectiva Linux 8.0
Debian Debian Linux 2.2
Debian Debian Linux 3.0
EngardeLinux Secure Linux
Eric S. Raymond Fetchmail 6.0.0
Gentoo Linux
RedHat Enterprise Linux 2.1 AS
RedHat Linux 6.2
RedHat Linux 7
RedHat Linux 7.1
RedHat Linux 7.1 for iSeries
RedHat Linux 7.1 for pSeries
RedHat Linux 7.2
RedHat Linux 7.3
RedHat Linux 8.0
Sun Solaris 5.0

Reported:

Sep 23, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page