lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 29 May 2004 02:02:48 +0300
From: Murat Balaban <murat@...erunix.org>
To: bugtraq@...urityfocus.com
Cc: bug-report@...erunix.org
Subject: EnderUNIX Security Anouncement (Isoqlog and Spamguard)


______________________________________________________________
Package		 	: isoqlog
Date   		 	:	
Affected products	: isoqlog is available
			  for a wide variety of products,
			  and distrubuted as a FreeBSD 
			  port/package.
Vulnerability type	: both local and remote




1. Isoqlog

Isoqlog is an MTA log analysis program written in C. It designed 
to scan qmail, postfix, sendmail and exim logfile and produce 
usage statistics in HTML format for viewing through a browser. 
It produces Top domains output according to Sender, Receiver, 
Total mails and bytes; it keeps your main domain mail statistics 
with regard to Days Top Domain, Top Users values for per day, 
per month and years. 



2. Problem Description
   There are several stack and heap overflows in several routines in
   Parser.c, loadconfig.c, LandCfg.c, Dir.c and Html.c files.


   2.1 Parser.c
	There are several remote buffer overflows in parseQmailFromBytesLine,
	parseQmailToRemoteLine, parseQmailToLocalLine, parseSendmailFromBytesLine,
	parseSendmailToLine, parseEximFromBytesLine, parseEximToLine functions.

	There are several local buffer overflows in lowercase and check_syslog_date
	functions.

   2.2 loadconfig.c
	loadconfig and removespaces function has some code which result in
        buffer overflows.

   2.3 LangCfg.c
	loadLang function has some code which result in buffer overflows.

   2.4 Html.c has some functions which doesn't do bounds checking.


   2.5 Dir.c has some code which result in local buffer overflows.


3. Solution
   Those who are using isoqlog 2.1.1 and isoqlog-devel before May 16, 2004
   should download and install isoqlog 2.2.

   Package source can be downloaded from
	
	http://www.enderunix.org/isoqlog/isoqlog-2.2.tar.gz


4. Contact

   Please feel free to contact bug-report % enderunix dot org for anything.


5. THANKS
   
   Nicolas François for reporting check_syslog_date bug on "May 15, 2004!!!"
   on isoqlog mailing list.



______________________________________________________________
Package		 	: spamguard
Date   		 	:	
Affected products	: spamguard is available
			  for a wide variety of products,
			  and distrubuted as a FreeBSD 
			  port/package.
Vulnerability type	: both local and remote


1. spamguard
spamGuard scans your MTA log files within fixed intervals, which 
can be defined by yourself, say 10 minutes, and if an expression
" from " is matched more than a predefined value, which is of 
course can be cofigured by yourself, spamGuard adds the mail 
address to $BADMAILER file. Therefore any further mails by this 
user will be rejected by your MTA.


2. Problem Description
   There are several stack and heap overflows in several routines in
   parser.c, functions.c loadconfig.c, files.


   2.1 parser.c
	There are several remote buffer overflows in qmail_parseline
        and sendmail_parseline functions.

   2.2 loadconfig.c
	loadconfig and removespaces function has some code which result in
        buffer overflows.

3. Solution
   Those who are using spamguard 1.6 and spamguard-devel before May 16, 2004
   should download and install spamguard 1.7-BETA.

   Package source can be downloaded from
	
	http://www.enderunix.org/spamguard/spamguard-1.7-BETA.tar.gz


4. Contact

   Please feel free to contact bug-report % enderunix dot org for anything.



				<-- Thougts -->

   "Destroying something good has always been damn easy compared to creating
    new work which obsiously requires much more knowledge, talent and brain!".

   This part is dedicated to those newbie lamers vomitting idiotic exploits which 
   need to be run as root to get root ;).

   Turkish people, especially kidz @ core.gen.tr and karatakke.org should read 
   this:

   http://www.enderunix.org/isoqlog/advisory-extension.txt


-- 
 Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti.
 http://www.acikkod.com/freebsd.php


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists