-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 634-1 security@xxxxxxxxxx http://www.debian.org/security/ Martin Schulze January 11th, 2005 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : hylafax Vulnerability : weak hostname and username validation Problem-Type : local/remote Debian-specific: no CVE ID : CAN-2004-1182 Patrice Fournier discovered a vulnerability in the authorisation subsystem of hylafax, a flexible client/server fax system. A local or remote user guessing the contents of the hosts.hfaxd database could gain unauthorised access to the fax system. Some installations of hylafax may actually utilise the weak hostname and username validation for authorized uses. For example, hosts.hfaxd entries that may be common are 192.168.0 username:uid:pass:adminpass user@host After updating, these entries will need to be modified in order to continue to function. Respectively, the correct entries should be 192.168.0.[0-9]+ username@:uid:pass:adminpass user@host Unless such maching of "username" with "otherusername" and "host" with "hostname" is desired, the proper form of these entries should include the delimiter and markers like this @192.168.0.[0-9]+$ ^username@:uid:pass:adminpass ^user@host$ For the stable distribution (woody) this problem has been fixed in version 4.1.1-3.1. For the unstable distribution (sid) this problem has been fixed in version 4.2.1-1. We recommend that you upgrade your hylafax packages. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1-3.1.dsc Size/MD5 checksum: 739 1f06652425050fe27826e5cc1a6c23ff http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1-3.1.diff.gz Size/MD5 checksum: 115695 79a4e2c1a5c4d0fc8920b8c86b67d3ba http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1.orig.tar.gz Size/MD5 checksum: 1287689 1ed081750be70a800708699b7568e17e Architecture independent components: http://security.debian.org/pool/updates/main/h/hylafax/hylafax-doc_4.1.1-3.1_all.deb Size/MD5 checksum: 318204 e8e94228255e35a1b5ccec1605405a53 Alpha architecture: http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-3.1_alpha.deb Size/MD5 checksum: 556274 9e1f383c7d6949a4dd8b36c661ea62fd http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-3.1_alpha.deb Size/MD5 checksum: 1362416 61b25a20d4627904e2d04355724ec7b5 ARM architecture: http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-3.1_arm.deb Size/MD5 checksum: 445564 53d052214836978819eda025cb0556af http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-3.1_arm.deb Size/MD5 checksum: 1095574 e109dd83be65856939e4ad9d708e70ff Intel IA-32 architecture: http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-3.1_i386.deb Size/MD5 checksum: 462598 57fb47be9b22cc74f4d72fd1e8230e29 http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-3.1_i386.deb Size/MD5 checksum: 1132694 9f8aa28b677b3a6c57182e54d6908262 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-3.1_ia64.deb Size/MD5 checksum: 615696 89157ac78717f6a487a996dccf7e204d http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-3.1_ia64.deb Size/MD5 checksum: 1491800 95a9c52342251ed55f79ffb5baeda567 HP Precision architecture: http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-3.1_hppa.deb Size/MD5 checksum: 501548 ff673c6c47e8d64ea0ec9e2b02d51cb5 http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-3.1_hppa.deb Size/MD5 checksum: 1231206 aad630516c55efd0ba9843fae532af30 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-3.1_m68k.deb Size/MD5 checksum: 451214 ba331696f8fdaf75794aa43bee08363d http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-3.1_m68k.deb Size/MD5 checksum: 1100004 dbe19e34a750650e659d26424e3b8b66 PowerPC architecture: http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-3.1_powerpc.deb Size/MD5 checksum: 450314 30e9b943f372fa583fa040300e8fab8e http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-3.1_powerpc.deb Size/MD5 checksum: 1104150 7ac3cb5c8abd26531e733401bff8c585 IBM S/390 architecture: http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-3.1_s390.deb Size/MD5 checksum: 441190 f965904a1dd15e4fd1f6b79be39eedc2 http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-3.1_s390.deb Size/MD5 checksum: 1086806 8c7900e8c59149f95dd6f12bc5f02d9f Sun Sparc architecture: http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-3.1_sparc.deb Size/MD5 checksum: 433580 b05f2aa9f1a6f3ef907b05a5921ed232 http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-3.1_sparc.deb Size/MD5 checksum: 1082482 e2dce8bb66267336dca745dab65836ac These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFB5AbBW5ql+IAeqTIRAs69AJ9s4pey57CprKOuM/rLp61ylR0R9QCguJlX J+HyAECebEppKFU+I+FkyoI= =zg0F -----END PGP SIGNATURE-----
