> -----Original Message-----
> From: Thomas Biege [mailto:thomas@suse.de]
> Sent: Friday, April 20, 2001 11:34 AM
> To: suse-security-announce@suse.com
> Subject: [suse-security-announce] SuSE Security Announcement: hylafax
> (SuSE-SA:2001:15)
>
> ______________________________________________________________________________
>
> SuSE Security Announcement
>
> Package: hylafax
> Announcement-ID: SuSE-SA:2001:15
> Date: Friday, April 20th, 2001 10.26 MEST
> Affected SuSE versions: [6.1, 6.2,] 6.3, 6.4, 7.0, 7.1
> Vulnerability Type: local root compromise
> Severity (1-10): 7
> SuSE default package: no
> Other affected systems: all systems using hylafax
>
> Content of this advisory:
> 1) security vulnerability resolved: hylafax
>    problem description, discussion, solution and upgrade information
> 2) pending vulnerabilities, solutions, workarounds
> 3) standard appendix (further information)
>
> ______________________________________________________________________________
>
> 1) problem description, brief discussion, solution, upgrade information
>
> The HylaFax program hfaxd(8c) implements the server part of the
> HylaFax package. It is started either by inetd(8) or runs in
> standalone mode. hfaxd(8c) offers three different protocols to
> process fax jobs.
> When hfaxd(8c) tries to change to its queue directory and fails,
> it prints an error message via syslog by directly passing user
> supplied data as format string. As long as hfaxd(8c) is installed
> setuid root, this behavior could be exploited to gain root access
> locally.
>
> As a workaround remove the setuid bit:
>     /bin/chmod u-s /usr/lib/fax/hfaxd
> or restrict access to trusted users only:
>     /bin/chown root.trusted /usr/lib/fax/hfaxd
>     /bin/chmod 4750 /usr/lib/fax/hfaxd
>
> Download the update package from locations described below and install
> the package with the command `rpm -Uhv file.rpm'. The md5sum for each
> file is in the line below. You can verify the integrity of the rpm
> files using the command
>     `rpm --checksig --nogpg file.rpm',
> independently from the md5 signatures below.
>
>
>
> i386 Intel Platform:
>
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/i386/update/7.1/n3/hylafax-4.1beta2-251.i386.rpm
> a3d5d0d5a8977852b02dc9b7352054aa
> source rpm:
> ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/hylafax-4.1beta2-251.src.rpm
> b5c8877de53db86eabfae932142221d7
>
> SuSE-7.0
> ftp://ftp.suse.com/pub/suse/i386/update/7.0/n2/hylafax-4.1beta2-254.i386.rpm
> 5be3094195a789d83b02d59ab343d7b5
> source rpm:
> ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/hylafax-4.1beta2-254.src.rpm
> 87ee1d77eea95eac74c6b8355912ad9f
>
> SuSE-6.4
> ftp://ftp.suse.com/pub/suse/i386/update/6.4/n2/hylafax-4.1beta2-253.i386.rpm
> 90a894b8d47a94125992f3a64a6ada44
> source rpm:
> ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/hylafax-4.1beta2-253.src.rpm
> 7b53ca017efdd9371c9a6207095a8c2f
>
> SuSE-6.3
> ftp://ftp.suse.com/pub/suse/i386/update/6.3/n2/hylafax-4.1beta2-252.i386.rpm
> 340e64a902a2e3f73b7d1771739c5b59
> source rpm:
> ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/hylafax-4.1beta2-252.src.rpm
> edb05a6191ab7d5533d1d9eb9ef0d255
>
>
>
> Sparc Platform:
>
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n3/hylafax-4.1beta2-218.sparc.rpm
> 1449e568071f5fb6080efebb8f2a7a2b
> source rpm:
> ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/hylafax-4.1beta2-218.src.rpm
> bf8c780206da51bc548e9fd4264b9bfc
>
> SuSE-7.0
> ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n2/hylafax-4.1beta2-218.sparc.rpm
> bb265465ea8b84ca31b5c954266daf1d
> source rpm:
> ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/hylafax-4.1beta2-218.src.rpm
> b5bcae601fe056f399fc8696aa156529
>
>
>
> AXP Alpha Platform:
>
> SuSE-7.0
> ftp://ftp.suse.com/pub/suse/axp/update/7.0/n2/hylafax-4.1beta2-211.alpha.rpm
> 2ee3176e2b425c494bd37d22f2ea090c
> source rpm:
> ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/hylafax-4.1beta2-211.src.rpm
> f89c3771432d84a3e7c3ab2f4331d73c
>
> SuSE-6.4
> ftp://ftp.suse.com/pub/suse/axp/update/6.4/n2/hylafax-4.1beta2-211.alpha.rpm
> 5aecfb997867f8f72164f27dc220f95b
> source rpm:
> ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/hylafax-4.1beta2-211.src.rpm
> 09f1cbb3714dfe75e1aa3ff2a52c13a3
>
> SuSE-6.3
> ftp://ftp.suse.com/pub/suse/axp/update/6.3/n2/hylafax-4.1beta2-211.alpha.rpm
> 39f12bc3f09bab26c60df98a2b52b64e
> source rpm:
> ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/hylafax-4.1beta2-211.src.rpm
> 6a48eac9982dfca01a1ed904cacfb2c8
>
>
>
> PPC PowerPC Platform:
>
> SuSE-7.1
> ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n3/hylafax-4.1beta2-164.ppc.rpm
> a42c7bc70e25a6725d8e2a76870be1d4
> source rpm:
> ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/hylafax-4.1beta2-164.src.rpm
> 9c064b869fb7c73f453a254b5f3780be
>
> SuSE-7.0
> ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n2/hylafax-4.1beta2-165.ppc.rpm
> 81387d514f089a7060bc6dacb15358a8
> source rpm:
> ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/hylafax-4.1beta2-165.src.rpm
> 35ec2293fb0390cb827935499506ed89
>
> SuSE-6.4
> ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n2/hylafax-4.1beta2-165.ppc.rpm
> be20c8f1ef2488c8db711744eab2233b
> source rpm:
> ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/hylafax-4.1beta2-165.src.rpm
> 4af4d6b8e948b39a1d4040adaad27c0a
>
>
> ______________________________________________________________________________
>
> 2) Pending vulnerabilities in SuSE Distributions and Workarounds:
>
> - Updated man RPMs will be available in a few days.
>
> - In the past weeks, some security related bugs in the Linux kernel 2.2
>   and 2.4 were found. An announcement, that addresses this will be
>   released asap.
>
> - Samba has several security problems, which could lead to local root
>   access. Samba 2.0.8 fixes these problems. New RPMs are currently being
>   built.
>
> ______________________________________________________________________________
>
> 3) standard appendix:
>
> SuSE runs two security mailing lists to which any interested party may
> subscribe:
>
> suse-security@suse.com
> - general/linux/SuSE security discussion.
>   All SuSE security announcements are sent to this list.
>   To subscribe, send an email to
>   <suse-security-subscribe@suse.com>.
>
> suse-security-announce@suse.com
> - SuSE's announce-only mailing list.
>   Only SuSE's security announcements are sent to this list.
>   To subscribe, send an email to
>   <suse-security-announce-subscribe@suse.com>.
>
> For general information or the frequently asked questions (faq)
> send mail to:
> <suse-security-info@suse.com> or
> <suse-security-faq@suse.com> respectively.
>
> ===============================================
> SuSE's security contact is <security@suse.com>.
> ===============================================
>
> ______________________________________________________________________________
>
> The information in this advisory may be distributed or reproduced,
> provided that the advisory is not modified in any way.
> SuSE GmbH makes no warranties of any kind whatsoever with respect
> to the information contained in this security advisory.
>
>
> Bye,
> Thomas
> --
> Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
> E@mail: thomas@suse.de Function: Security Support & Auditing
> "lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
> Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 84
>
>
> --
> To unsubscribe, e-mail: suse-security-announce-unsubscribe@suse.com
> For additional commands, e-mail: suse-security-announce-help@suse.com
>

____________________ HylaFAX(tm) Users Mailing List _______________________
 To unsub: mail -s unsubscribe hylafax-users-request@hylafax.org < /dev/null
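
The bug class the advisory describes (user-supplied data handed to syslog as the format string), shown beside the corrected call. This is an added example, not hfaxd source and not part of the forwarded message: `fake_syslog`, both function names and the message text are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Hypothetical stand-in for syslog(3): same (priority, format, ...) shape,
 * but it formats into a buffer so the logged text can be inspected. */
static char logged[256];

static void fake_syslog(int priority, const char *format, ...)
{
    va_list ap;
    (void)priority;
    va_start(ap, format);
    vsnprintf(logged, sizeof logged, format, ap);
    va_end(ap);
}

/* Vulnerable pattern: caller-controlled text ends up as the format string. */
static const char *log_chdir_failure_unsafe(const char *queue_dir)
{
    char msg[200];
    snprintf(msg, sizeof msg, "Can not change directory to %s", queue_dir);
    fake_syslog(LOG_ERR, msg);      /* msg is parsed for % directives */
    return logged;
}

/* Corrected pattern: constant format, untrusted text only as an argument. */
static const char *log_chdir_failure_safe(const char *queue_dir)
{
    fake_syslog(LOG_ERR, "Can not change directory to %s", queue_dir);
    return logged;
}

int main(void)
{
    /* Constructed input. "%%" is the one directive that consumes no
     * arguments, so the difference is visible without undefined behaviour. */
    const char *dir = "/tmp/q%%";
    printf("unsafe: %s\n", log_chdir_failure_unsafe(dir));
    printf("safe:   %s\n", log_chdir_failure_safe(dir));
    return 0;
}
```

The unsafe variant logs a string that differs from the input because the formatter interpreted it; the safe variant logs the input byte for byte. Building with `-Wformat -Wformat-security` flags the unsafe shape when it is applied to the real `syslog()`.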