LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: October 31st, 2014
Linux Security Week: October 27th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: New hylafax packages fix arbitrary command execution Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Patrice Fournier found that hylafax passes unsanitized user data in the notify script, allowing users with the ability to submit jobs to run arbitrary commands with the privileges of the hylafax server.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 933-1                     security@debian.org
http://www.debian.org/security/                              Michael Stone
January 9, 2006                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : hylafax
Vulnerability  : arbitrary command execution
Problem-Type   : local
Debian-specific: no
CVE ID         : CVE-2005-3539

Patrice Fournier found that hylafax passes unsanitized user data in the
notify script, allowing users with the ability to submit jobs to run
arbitrary commands  with the privileges of the hylafax server.

For the old stable distribution (woody) this problem has been fixed in
version 4.1.1-4woody1.

For the stable distribution (sarge) this problem has been fixed in
version 4.2.1-5sarge3.

For the unstable distribution the problem has been fixed in version
4.2.4-2.

We recommend that you upgrade your hylafax package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1-4woody1.dsc
      Size/MD5 checksum:      800 c9fd457c2782971a41c8328435b00ece
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1-4woody1.diff.gz
      Size/MD5 checksum:   116777 a2c212abd4a22134b673b3df345cb779
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1.orig.tar.gz
      Size/MD5 checksum:  1287689 1ed081750be70a800708699b7568e17e

  Architecture independent components:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-doc_4.1.1-4woody1_all.deb
      Size/MD5 checksum:   318384 bf2352b27b55b6a6b66acd8184864ed5

  Alpha architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_alpha.deb
      Size/MD5 checksum:   556394 4acfe414a92ca39dd08d945927134fde
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_alpha.deb
      Size/MD5 checksum:  1362704 7c5d2805a86e35f77fbdc320608eae21

  ARM architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_arm.deb
      Size/MD5 checksum:   445742 bd7631c263e79ba1fa222616fab0814c
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_arm.deb
      Size/MD5 checksum:  1096024 a5bccc072005832e21a63af6cd355d80

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_i386.deb
      Size/MD5 checksum:   462478 a1b1d1ffb63fa002602fa817985c10d4
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_i386.deb
      Size/MD5 checksum:  1132898 f7f7933a5c26c69048628d20c6d8c6e2

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_ia64.deb
      Size/MD5 checksum:   615750 9dd3e91618a0b7ff630fc8e73472be90
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_ia64.deb
      Size/MD5 checksum:  1491998 fcfa52b30bf30151ce3d9c9c283738b2

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_hppa.deb
      Size/MD5 checksum:   501764 532a01a8b1c509fff8640a63743f27b0
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_hppa.deb
      Size/MD5 checksum:  1231584 2d3a3a7072c00e4fc71bb48045aac459

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_m68k.deb
      Size/MD5 checksum:   451356 52f1e0515d0dc3f88b25de500aa8916c
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_m68k.deb
      Size/MD5 checksum:  1100320 294aa660f86c7090eb0092755a788009

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_powerpc.deb
      Size/MD5 checksum:   450900 349b2498e9ca56c63e219911b79e2953
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_powerpc.deb
      Size/MD5 checksum:  1104560 48b998cf768a2ff858c948e5892b32c4

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_s390.deb
      Size/MD5 checksum:   441344 51762120b318ed4c800a12e28242b5fa
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_s390.deb
      Size/MD5 checksum:  1087136 ba81545268b85fa2783814ca8322d3b3

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_sparc.deb
      Size/MD5 checksum:   433674 4786a267f600ba71c8f9c80a1f371439
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_sparc.deb
      Size/MD5 checksum:  1082890 6bdc5a6359c4b953f5127031af69cbe2


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.2.1-5sarge3.dsc
      Size/MD5 checksum:      746 1202e740bcb10a01977c98f6967d2da4
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.2.1-5sarge3.diff.gz
      Size/MD5 checksum:    51922 e7d0531c64d48a9907e1a9c73b882bff
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.2.1.orig.tar.gz
      Size/MD5 checksum:  1412035 05430e41a279d0fff6d6e4b444440829

  Architecture independent components:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-doc_4.2.1-5sarge3_all.deb
      Size/MD5 checksum:   372578 70db2ce1b777e475cbe3335abc31a5a6

  Alpha architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_alpha.deb
      Size/MD5 checksum:   373996 440dedf0a21a7ea99573ff9a0c8eb675
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_alpha.deb
      Size/MD5 checksum:   863606 cff4540597762579538d71e447b09f01

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_amd64.deb
      Size/MD5 checksum:   350894 a8040ccfde418e5cdf9f353f8b7471d9
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_amd64.deb
      Size/MD5 checksum:   801152 977bdc76fc44339599770227ba93befc

  ARM architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_arm.deb
      Size/MD5 checksum:   342534 a79825720236fdafac2c6a7841b1fdec
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_arm.deb
      Size/MD5 checksum:   808884 10810889ed1c044fb1fec91af88184b2

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_i386.deb
      Size/MD5 checksum:   348172 0b3837a725542ab94fe7525beb54926d
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_i386.deb
      Size/MD5 checksum:   805786 05e61ba137faedbaf4a6d4b3faf0cce6

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_ia64.deb
      Size/MD5 checksum:   402530 a592a7397d1b75dc541584e3e10cbd23
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_ia64.deb
      Size/MD5 checksum:   924558 eb3701170b63c4ca617c93c74aa59f76

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_hppa.deb
      Size/MD5 checksum:   402386 7ec015549d9aa57e5a8e037deb6edb32
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_hppa.deb
      Size/MD5 checksum:   911520 948195eaaf686a5cffa3237df90d8504

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_m68k.deb
      Size/MD5 checksum:   345380 635f021fb40dbdd09c138608e64c309c
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_m68k.deb
      Size/MD5 checksum:   784438 3bc0f358363b448d3f8e72f95743a9fe

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_mips.deb
      Size/MD5 checksum:   352748 a65a3fcfffc4ec111fe4237a92734254
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_mips.deb
      Size/MD5 checksum:   836146 17146c51624cfc1f7c7eaac74c483f21

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_mipsel.deb
      Size/MD5 checksum:   350272 d5d512363681880db5e3d587021cab19
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_mipsel.deb
      Size/MD5 checksum:   831156 b06e0395c7b347093f2f9e1fe9673b91

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_powerpc.deb
      Size/MD5 checksum:   356672 778a434ea9e2e73d85ee8b7eaec4062c
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_powerpc.deb
      Size/MD5 checksum:   819686 4e82d570b0ffe822945814f90a5c175c

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_s390.deb
      Size/MD5 checksum:   339480 5afce0e8172e75b1b39d0086f69c5e0a
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_s390.deb
      Size/MD5 checksum:   767944 bc881199411dce80be644491b031af07

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Pirate Bay founder guilty in historic hacker case
Parallels CTO: Linux container security is not the problem
Advisory says to assume all Drupal 7 websites are compromised
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.