LinuxSecurity.com
SuSE: 'eperl' buffer overflows
Posted by LinuxSecurity.com Team
SuSE: Fumitoshi Ukai and Denis Barbier have found several potential buffer overflows, which could lead to local privilege escalation if installed setuid or to remote compromise.

______________________________________________________________________________

                        SuSE Security Announcement

        Package:                eperl
        Announcement-ID:        SuSE-SA:2001:08
        Date:                   Tuesday, March 27th, 2001 16.00 MEST
        Affected SuSE versions: 6.3, 6.4, 7.0, 7.1
        Vulnerability Type:     local and remote compromise
        Severity (1-10):        6
        SuSE default package:   no
        Other affected systems: all systems using the eperl package

        Content of this advisory:
        1) security vulnerability resolved: eperl
           problem description, discussion, solution and upgrade information
        2) pending vulnerabilities, solutions, workarounds
        3) standard appendix (further information)

______________________________________________________________________________

1)  problem description, brief discussion, solution, upgrade information

    The ePerl program is an interpreter for the Embedded Perl 5 language.
    Its main purpose is to serve as a web server scripting language for
    dynamic HTML page programming. Besides this, it can also serve as a
    standalone Unix filter.
    Fumitoshi Ukai and Denis Barbier have found several potential buffer
    overflows, which could lead to local privilege escalation if eperl is
    installed setuid (note: it is not installed setuid by default) or to
    remote compromise.

    There is currently no effective countermeasure against the security
    problems in the eperl interpreter other than not using it or updating
    it. SuSE provides update packages for the defective software.

    SuSE Linux versions before 6.3 do not include the eperl package.

    Download the update package from the locations listed below and install
    the package with the command `rpm -Uhv file.rpm'. The md5sum for each
    file is given on the line below it. You can verify the integrity of the
    rpm files using the command
        `rpm --checksig --nogpg file.rpm',
    independently of the md5 sums below.
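The two checks the advisory describes (comparing the published md5sum and running `rpm --checksig --nogpg`) are easy to get wrong by eye, so here is an added shell script that performs both before calling `rpm -Uhv`. This is example code written for this page, not part of the SuSE advisory; it assumes a POSIX shell with `md5sum` (or `openssl` as a fallback) and the `rpm` command on PATH, and the file name and digest in the usage line are simply the first i386 package and sum from the table above.

```shell
#!/bin/sh
# Added example (not part of the SuSE advisory): verify a downloaded update
# RPM against the md5sum published in the advisory and against the RPM's own
# embedded checksum before installing it with `rpm -Uhv`.
# Assumes a POSIX shell, md5sum (or openssl as a fallback) and rpm on PATH.

# Print the MD5 hex digest of a file.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    else
        openssl dgst -md5 "$1" | awk '{print $NF}'
    fi
}

# Return 0 if the file's MD5 matches the expected digest, 1 otherwise.
# The comparison is case-insensitive: advisories print lowercase hex,
# some tools print uppercase.
verify_md5() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    actual=$(md5_of "$file" | tr 'A-F' 'a-f')
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "md5 mismatch for $file: expected $expected, got $actual" >&2
    return 1
}

# The advisory's independent check: rpm's own header/payload checksums,
# with --nogpg as the advisory instructs.
check_rpm_sig() {
    rpm --checksig --nogpg "$1"
}

# Install only when both checks pass; any failure leaves the system untouched.
install_verified_rpm() {
    verify_md5 "$1" "$2" || return 1
    check_rpm_sig "$1" || return 1
    rpm -Uhv "$1"
}

# Usage (digest taken from the SuSE-7.1 i386 entry above):
#   sh verify_rpm.sh eperl-2.2.14-206.i386.rpm e613b06d47dcfb7bbcea8c3d0c0e678b
if [ $# -ge 2 ]; then
    install_verified_rpm "$1" "$2"
fi
```

The md5 comparison and the rpm checksum are kept in separate functions so that a mismatch is reported with both digests, which is what you want in a log when a mirror serves a corrupted or tampered file.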


    i386 Intel Platform:

    SuSE-7.1
     ftp://ftp.suse.com/pub/suse/i386/update/7.1/d2/eperl-2.2.14-206.i386.rpm
      e613b06d47dcfb7bbcea8c3d0c0e678b
    source rpm:
     ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/eperl-2.2.14-206.src.rpm
      c58a95f3b8ae757ea4d72f3157e2ea62

    SuSE-7.0
     ftp://ftp.suse.com/pub/suse/i386/update/7.0/d1/eperl-2.2.14-203.i386.rpm
      e66520cc0062e25495941542dd5b1f82
    source rpm:
     ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/eperl-2.2.14-203.src.rpm
      34d6682524154c9fb7b5fbec4f4ea82e

    SuSE-6.4
     ftp://ftp.suse.com/pub/suse/i386/update/6.4/d1/eperl-2.2.14-203.i386.rpm
      4b6a5a89899320a8eeb35c149ae111f5
    source rpm:
     ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/eperl-2.2.14-203.src.rpm
      062b14716e52f2649f4380a6a6e4e7f9

    SuSE-6.3
     ftp://ftp.suse.com/pub/suse/i386/update/6.3/d1/eperl-2.2.14-202.i386.rpm
      ba75d7f4a64329a3b5c324b3f0742575
    source rpm:
     ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/eperl-2.2.14-202.src.rpm
      c7ae001d4668ba3a0524f94429b1e4e6


    Sparc Platform:

    SuSE-7.1
     ftp://ftp.suse.com/pub/suse/sparc/update/7.1/d2/eperl-2.2.14-193.sparc.rpm
      9752f8b9df6ac1ffdc68cb4b552d6491
    source rpm:
     ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/eperl-2.2.14-193.src.rpm
      f09a1ce9288c201ae63e193914fc84ce

    SuSE-7.0
     ftp://ftp.suse.com/pub/suse/sparc/update/7.0/d1/eperl-2.2.14-191.sparc.rpm
      900eddc134215569fc88d11ce14c11f3
    source rpm:
     ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/eperl-2.2.14-191.src.rpm
      76aaa0efa8ae1c84b80201f73462fc26


    AXP Alpha Platform:

    SuSE-7.0
     ftp://ftp.suse.com/pub/suse/axp/update/7.0/d1/eperl-2.2.14-195.alpha.rpm
      d7b4be8d988f8cd501a33f9d2fb12a07
    source rpm:
     ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/eperl-2.2.14-195.src.rpm
      b0379287f9078fcd244cc720fad92c4d

    SuSE-6.4
     ftp://ftp.suse.com/pub/suse/axp/update/6.4/d1/eperl-2.2.14-195.alpha.rpm
      78241206bc1b3927effdb5b1aa4d0ed5
    source rpm:
     ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/eperl-2.2.14-195.src.rpm
      325a04ec8c5c3da6b9c2fdf4e2c6c901

    SuSE-6.3
     ftp://ftp.suse.com/pub/suse/axp/update/6.3/d1/eperl-2.2.14-194.alpha.rpm
      88a09004e5c0c2e6174785207e111318
    source rpm:
     ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/eperl-2.2.14-194.src.rpm
      a04cfa3e64aac49f6c148992e9a50189


    PPC Power PC Platform:

    SuSE-7.1
     ftp://ftp.suse.com/pub/suse/ppc/update/7.1/d2/eperl-2.2.14-178.ppc.rpm
      3e05c702aca97db476155054d113ff95
    source rpm:
     ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/eperl-2.2.14-178.src.rpm
      67849b0c1c053eca482508fe2eac3042

    SuSE-7.0
     ftp://ftp.suse.com/pub/suse/ppc/update/7.0/d1/eperl-2.2.14-177.ppc.rpm
      35584e2f1bcebced98fad2ae241824da
    source rpm:
     ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/eperl-2.2.14-177.src.rpm
      98046dce35c4adfba57cc54c018376d7

    SuSE-6.4
     ftp://ftp.suse.com/pub/suse/ppc/update/6.4/d1/eperl-2.2.14-176.ppc.rpm
      9c36bad7ec2e8f6c31307729c7d21bc8
    source rpm:
     ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/eperl-2.2.14-176.src.rpm
      eeaf1144dd659fe13b6a943bf40bf65b


    S/390 Platform:

    SuSE-7.0
     ftp://ftp.suse.com/pub/suse/s390/update/7.0/d1/eperl-2.2.14-182.s390.rpm
      416974a30c9c9e435e028f2807e15a51
    source rpm:
     ftp://ftp.suse.com/pub/suse/s390/update/7.0/zq1/eperl-2.2.14-182.src.rpm
      b14c7d9cbb969cda54b0d9f599f1b5cc

______________________________________________________________________________

2)  Pending vulnerabilities in SuSE Distributions and Workarounds:

    - We are in the process of preparing update packages for the man package,
      which has been found vulnerable to a command-line format string bug.
      The man command is installed suid man on SuSE systems. When exploited,
      the bug can be used to install a different man binary to introduce a
      trojan into the system. As an interim workaround, we recommend running
      `chmod -s /usr/bin/man' and ignoring the warnings and errors when
      viewing manpages.

    - The file browser MidnightCommander (mc) is vulnerable to unwanted
      program execution. Updates are currently being built.

    - Two bugs were found in the text editor vim. These bugs are currently
      being fixed.

    - A buffer overflow in sudo was discovered; fixed RPMs will be
      available as soon as possible. No exploit has been made public so
      far.
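Both the eperl item in section 1 (the overflow only escalates privileges if the binary is setuid) and the man workaround above (`chmod -s /usr/bin/man`) come down to one question for an administrator: which binaries carry the setuid bit, and how do I drop it? The following shell functions are an added example for this page, not code from SuSE; they rely only on `ls`, `chmod` and `find`, and the directory and file names in the comments are placeholders.

```shell
#!/bin/sh
# Added example (not from the advisory): check whether a binary carries the
# setuid bit, drop it the way the advisory's interim workaround does for
# /usr/bin/man, and list setuid files under a directory so that a
# non-default setuid install of eperl would show up in an audit.
# Assumes only a POSIX shell with ls, chmod and find.

# Return 0 if FILE is setuid: the owner-execute position of `ls -l` output
# shows 's' (setuid + execute) or 'S' (setuid without execute).
is_setuid() {
    mode=$(ls -ld "$1" | cut -c4)
    case "$mode" in
        s|S) return 0 ;;
        *)   return 1 ;;
    esac
}

# Remove the setuid and setgid bits, equivalent to `chmod -s FILE`.
drop_setuid() {
    chmod u-s,g-s "$1"
}

# Print every regular file under DIR that has the setuid bit set.
# Run against / (or the directories on PATH) for a system-wide audit.
list_setuid_under() {
    find "$1" -type f -perm -4000 2>/dev/null
}

# Usage on a real system (paths are placeholders):
#   list_setuid_under /usr/bin
#   is_setuid /usr/bin/man && drop_setuid /usr/bin/man
```

`is_setuid` reads the mode from `ls -l` rather than `stat` because the `stat` flags differ between GNU and BSD userlands, while the `ls` long format is the same everywhere; `find -perm -4000` is likewise POSIX. Re-run `list_setuid_under` after every package update, since a fresh install can silently restore a bit you removed as a workaround.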

______________________________________________________________________________

3)  standard appendix:

    SuSE runs two security mailing lists to which any interested party may
    subscribe:

    suse-security@suse.com
        -   general/linux/SuSE security discussion.
            All SuSE security announcements are sent to this list.
            To subscribe, send an email to
                <suse-security-subscribe@suse.com>.

    suse-security-announce@suse.com
        -   SuSE's announce-only mailing list.
            Only SuSE's security announcements are sent to this list.
            To subscribe, send an email to
                <suse-security-announce-subscribe@suse.com>.

    For general information or the frequently asked questions (faq)
    send mail to:
        <suse-security-info@suse.com> or
        <suse-security-faq@suse.com> respectively.

    ===============================================
    SuSE's security contact is <security@suse.com>.
    ===============================================

______________________________________________________________________________

  The information in this advisory may be distributed or reproduced,
  provided that the advisory is not modified in any way.
  SuSE GmbH makes no warranties of any kind whatsoever with respect
  to the information contained in this security advisory.

______________________________________________________________________________
