SA-06:13.sendmail
Posted by: crash
23.09.2006
FreeBSD-SA-06:13.sendmail                                   Security Advisory
                                                          The FreeBSD Project

Topic:          Race condition in sendmail

Category:       contrib
Module:         contrib_sendmail
Announced:      2006-03-22
Affects:        All versions
Corrected:      2006-03-22 16:01:08 UTC (RELENG_6, 6.1-STABLE)
                2006-03-22 16:01:38 UTC (RELENG_6_0, 6.0-RELEASE-p6)
                2006-03-22 16:01:56 UTC (RELENG_5, 5.5-STABLE)
                2006-03-22 16:02:17 UTC (RELENG_5_4, 5.4-RELEASE-p13)
                2006-03-22 16:02:35 UTC (RELENG_5_3, 5.3-RELEASE-p28)
                2006-03-22 16:02:49 UTC (RELENG_4, 4.11-STABLE)
                2006-03-22 16:03:05 UTC (RELENG_4_11, 4.11-RELEASE-p16)
                2006-03-22 16:03:25 UTC (RELENG_4_10, 4.10-RELEASE-p22)
CVE Name:       CVE-2006-0058

For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit:
[URL:http://www.freebsd.org/security/]

I.    Background
sendmail(8) is the default mail transfer agent (MTA) in FreeBSD.
II.    Problem Description
A race condition has been found in sendmail's handling of asynchronous signals.
III.    Impact
A remote attacker who can reach the mail server may be able to execute arbitrary code with the privileges of the user under which sendmail is running.
IV.    Workaround
None, other than disabling sendmail.
V.    Solution
Do one of the following:

1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE, or to the RELENG_6_0, RELENG_5_4, RELENG_5_3, RELENG_4_11, or RELENG_4_10 security branch dated after the correction date.
2) To patch your present system:
The following patches have been verified to apply to FreeBSD 4.10, 4.11, 5.3, 5.4, and 6.0 systems.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

[FreeBSD 4.10]
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail410.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail410.patch.asc

[FreeBSD 4.11 and FreeBSD 5.3]
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch.asc

[FreeBSD 5.4, and FreeBSD 6.x]
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch.asc

b) Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/lib/libsm
# make obj && make depend && make
# cd /usr/src/lib/libsmutil
# make obj && make depend && make
# cd /usr/src/usr.sbin/sendmail
# make obj && make depend && make && make install
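Steps a) and b) above as one script, so that patch(1) is never run against /usr/src unless the detached PGP signature verifies first. This is an added example and not part of the advisory; it assumes gpg(1) is installed with a keyring that already contains the key the patches are signed with, and the helper names (patch_for_release, verify_patch, fetch_patch, apply_and_build) are the example's own. The release-to-patch mapping and the build order come from the advisory text.

```shell
#!/bin/sh
# Added example (not part of the advisory): apply the SA-06:13 sendmail patch
# for one FreeBSD release, refusing to modify /usr/src unless the detached
# PGP signature verifies. Assumes gpg(1) and an already-imported signing key.

BASE_URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13"

# Map a release string to the patch file the advisory prescribes for it.
# Prints the file name; returns 1 for releases the advisory does not cover.
patch_for_release() {
    case "$1" in
        4.10)       echo sendmail410.patch ;;
        4.11|5.3)   echo sendmail411.patch ;;
        5.4|6.*)    echo sendmail.patch ;;
        *)          return 1 ;;
    esac
}

# Step a): fetch the patch and its detached signature into the current dir.
fetch_patch() {
    fetch "$BASE_URL/$1" && fetch "$BASE_URL/$1.asc"
}

# Verify the detached signature; a non-zero status means "do not apply".
# Assumption: the signing key is already present in the gpg keyring.
verify_patch() {
    gpg --verify "$1.asc" "$1"
}

# Step b): dry-run the patch first, apply it, then rebuild libsm, libsmutil
# and sendmail in the order the advisory gives, installing only the last.
apply_and_build() {
    patchfile=$1
    cd /usr/src || return 1
    patch --dry-run < "$patchfile" >/dev/null || return 1
    patch < "$patchfile" || return 1
    for dir in lib/libsm lib/libsmutil usr.sbin/sendmail; do
        (cd "/usr/src/$dir" && make obj && make depend && make) || return 1
    done
    (cd /usr/src/usr.sbin/sendmail && make install)
}

main() {
    release=$1
    name=$(patch_for_release "$release") || {
        echo "release $release is not covered by SA-06:13" >&2
        return 2
    }
    workdir=$(mktemp -d) || return 1
    cd "$workdir" || return 1
    fetch_patch "$name" || return 1
    if ! verify_patch "$name"; then
        echo "PGP signature on $name did not verify; not applying" >&2
        return 3
    fi
    apply_and_build "$workdir/$name"
}

# Run only when invoked with a release argument, e.g.: sh apply_sa0613.sh 5.4
if [ "$#" -ge 1 ]; then
    main "$1"
fi
```

The signature check is deliberately placed before the dry run rather than after: a patch that applies cleanly but was not signed by the expected key is exactly the case the check exists for. Running it as root is still required for the build and install, which is why the script stops at the first failing step instead of continuing.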

VI. Correction details
The following list contains the revision numbers of each file that was corrected in FreeBSD.

Branch
  Path                                              Revision
- -------------------------------------------------------------------------
RELENG_4
  src/contrib/sendmail/libsm/fflush.c               1.1.1.1.2.1
  src/contrib/sendmail/libsm/local.h                1.1.1.1.2.6
  src/contrib/sendmail/libsm/refill.c               1.1.1.1.2.4
  src/contrib/sendmail/src/collect.c                1.1.1.4.2.17
  src/contrib/sendmail/src/conf.c                   1.5.2.20
  src/contrib/sendmail/src/deliver.c                1.1.1.3.2.20
  src/contrib/sendmail/src/headers.c                1.4.2.16
  src/contrib/sendmail/src/mime.c                   1.1.1.3.2.10
  src/contrib/sendmail/src/parseaddr.c              1.1.1.2.6.20
  src/contrib/sendmail/src/savemail.c               1.4.2.13
  src/contrib/sendmail/src/sendmail.h               1.1.1.4.2.22
  src/contrib/sendmail/src/sfsasl.c                 1.1.1.1.2.16
  src/contrib/sendmail/src/sfsasl.h                 1.1.1.1.2.3
  src/contrib/sendmail/src/srvrsmtp.c               1.1.1.2.6.20
  src/contrib/sendmail/src/usersmtp.c               1.1.1.3.2.17
  src/contrib/sendmail/src/util.c                   1.1.1.3.2.15
RELENG_4_11
  src/contrib/sendmail/libsm/fflush.c               1.1.1.1.2.1.12.1
  src/contrib/sendmail/libsm/local.h                1.1.1.1.2.5.2.1
  src/contrib/sendmail/libsm/refill.c               1.1.1.1.2.3.2.1
  src/contrib/sendmail/src/collect.c                1.1.1.4.2.14.2.1
  src/contrib/sendmail/src/conf.c                   1.5.2.17.2.1
  src/contrib/sendmail/src/deliver.c                1.1.1.3.2.17.2.1
  src/contrib/sendmail/src/headers.c                1.4.2.14.2.1
  src/contrib/sendmail/src/mime.c                   1.1.1.3.2.8.2.1
  src/contrib/sendmail/src/parseaddr.c              1.1.1.2.6.17.2.1
  src/contrib/sendmail/src/savemail.c               1.4.2.11.2.1
  src/contrib/sendmail/src/sendmail.h               1.1.1.4.2.19.2.1
  src/contrib/sendmail/src/sfsasl.c                 1.1.1.1.2.14.2.1
  src/contrib/sendmail/src/sfsasl.h                 1.1.1.1.2.2.12.1
  src/contrib/sendmail/src/srvrsmtp.c               1.1.1.2.6.17.2.1
  src/contrib/sendmail/src/usersmtp.c               1.1.1.3.2.14.2.1
  src/contrib/sendmail/src/util.c                   1.1.1.3.2.13.2.1
  src/UPDATING                                      1.73.2.91.2.17
  src/sys/conf/newvers.sh                           1.44.2.39.2.20
RELENG_4_10
  src/contrib/sendmail/libsm/fflush.c               1.1.1.1.2.1.10.1
  src/contrib/sendmail/libsm/local.h                1.1.1.1.2.4.2.1
  src/contrib/sendmail/libsm/refill.c               1.1.1.1.2.2.6.1
  src/contrib/sendmail/src/collect.c                1.1.1.4.2.13.2.1
  src/contrib/sendmail/src/conf.c                   1.5.2.16.2.1
  src/contrib/sendmail/src/deliver.c                1.1.1.3.2.16.2.1
  src/contrib/sendmail/src/headers.c                1.4.2.13.2.1
  src/contrib/sendmail/src/mime.c                   1.1.1.3.2.7.2.1
  src/contrib/sendmail/src/parseaddr.c              1.1.1.2.6.16.2.1
  src/contrib/sendmail/src/savemail.c               1.4.2.10.6.1
  src/contrib/sendmail/src/sendmail.h               1.1.1.4.2.18.2.1
  src/contrib/sendmail/src/sfsasl.c                 1.1.1.1.2.13.2.1
  src/contrib/sendmail/src/sfsasl.h                 1.1.1.1.2.2.10.1
  src/contrib/sendmail/src/srvrsmtp.c               1.1.1.2.6.16.2.1
  src/contrib/sendmail/src/usersmtp.c               1.1.1.3.2.13.2.1
  src/contrib/sendmail/src/util.c                   1.1.1.3.2.12.2.1
  src/UPDATING                                      1.73.2.90.2.23
  src/sys/conf/newvers.sh                           1.33.2.34.2.24
RELENG_5
  src/contrib/sendmail/libsm/fflush.c               1.1.1.3.8.1
  src/contrib/sendmail/libsm/local.h                1.1.1.7.2.1
  src/contrib/sendmail/libsm/refill.c               1.1.1.5.2.1
  src/contrib/sendmail/src/collect.c                1.1.1.19.2.3
  src/contrib/sendmail/src/conf.c                   1.26.2.3
  src/contrib/sendmail/src/deliver.c                1.1.1.21.2.3
  src/contrib/sendmail/src/headers.c                1.20.2.2
  src/contrib/sendmail/src/mime.c                   1.1.1.12.2.2
  src/contrib/sendmail/src/parseaddr.c              1.1.1.20.2.3
  src/contrib/sendmail/src/savemail.c               1.16.2.2
  src/contrib/sendmail/src/sendmail.h               1.1.1.23.2.3
  src/contrib/sendmail/src/sfsasl.c                 1.1.1.14.2.2
  src/contrib/sendmail/src/sfsasl.h                 1.1.1.4.8.1
  src/contrib/sendmail/src/srvrsmtp.c               1.1.1.20.2.3
  src/contrib/sendmail/src/usersmtp.c               1.1.1.18.2.3
  src/contrib/sendmail/src/util.c                   1.1.1.17.2.2
RELENG_5_4
  src/contrib/sendmail/libsm/fflush.c               1.1.1.3.12.1
  src/contrib/sendmail/libsm/local.h                1.1.1.7.6.1
  src/contrib/sendmail/libsm/refill.c               1.1.1.5.6.1
  src/contrib/sendmail/src/collect.c                1.1.1.19.2.1.2.1
  src/contrib/sendmail/src/conf.c                   1.26.2.1.2.1
  src/contrib/sendmail/src/deliver.c                1.1.1.21.2.1.2.1
  src/contrib/sendmail/src/headers.c                1.20.2.1.2.1
  src/contrib/sendmail/src/mime.c                   1.1.1.12.2.1.2.1
  src/contrib/sendmail/src/parseaddr.c              1.1.1.20.2.1.2.1
  src/contrib/sendmail/src/savemail.c               1.16.2.1.2.1
  src/contrib/sendmail/src/sendmail.h               1.1.1.23.2.1.2.1
  src/contrib/sendmail/src/sfsasl.c                 1.1.1.14.2.1.2.1
  src/contrib/sendmail/src/sfsasl.h                 1.1.1.4.12.1
  src/contrib/sendmail/src/srvrsmtp.c               1.1.1.20.2.1.2.1
  src/contrib/sendmail/src/usersmtp.c               1.1.1.18.2.1.2.1
  src/contrib/sendmail/src/util.c                   1.1.1.17.2.1.2.1
  src/UPDATING                                      1.342.2.24.2.22
  src/sys/conf/newvers.sh                           1.62.2.18.2.18
RELENG_5_3
  src/contrib/sendmail/libsm/fflush.c               1.1.1.3.10.1
  src/contrib/sendmail/libsm/local.h                1.1.1.7.4.1
  src/contrib/sendmail/libsm/refill.c               1.1.1.5.4.1
  src/contrib/sendmail/src/collect.c                1.1.1.19.4.1
  src/contrib/sendmail/src/conf.c                   1.26.4.1
  src/contrib/sendmail/src/deliver.c                1.1.1.21.4.1
  src/contrib/sendmail/src/headers.c                1.20.4.1
  src/contrib/sendmail/src/mime.c                   1.1.1.12.4.1
  src/contrib/sendmail/src/parseaddr.c              1.1.1.20.4.1
  src/contrib/sendmail/src/savemail.c               1.16.4.1
  src/contrib/sendmail/src/sendmail.h               1.1.1.23.4.1
  src/contrib/sendmail/src/sfsasl.c                 1.1.1.14.4.1
  src/contrib/sendmail/src/sfsasl.h                 1.1.1.4.10.1
  src/contrib/sendmail/src/srvrsmtp.c               1.1.1.20.4.1
  src/contrib/sendmail/src/usersmtp.c               1.1.1.18.4.1
  src/contrib/sendmail/src/util.c                   1.1.1.17.4.1
  src/UPDATING                                      1.342.2.13.2.31
  src/sys/conf/newvers.sh                           1.62.2.15.2.33
RELENG_6
  src/contrib/sendmail/libsm/fflush.c               1.1.1.3.14.1
  src/contrib/sendmail/libsm/local.h                1.1.1.7.8.1
  src/contrib/sendmail/libsm/refill.c               1.1.1.5.8.1
  src/contrib/sendmail/src/collect.c                1.1.1.21.2.1
  src/contrib/sendmail/src/conf.c                   1.28.2.1
  src/contrib/sendmail/src/deliver.c                1.1.1.23.2.1
  src/contrib/sendmail/src/headers.c                1.21.2.1
  src/contrib/sendmail/src/mime.c                   1.1.1.13.2.1
  src/contrib/sendmail/src/parseaddr.c              1.1.1.22.2.1
  src/contrib/sendmail/src/savemail.c               1.17.2.1
  src/contrib/sendmail/src/sendmail.h               1.1.1.26.2.1
  src/contrib/sendmail/src/sfsasl.c                 1.1.1.15.2.1
  src/contrib/sendmail/src/sfsasl.h                 1.1.1.4.14.1
  src/contrib/sendmail/src/srvrsmtp.c               1.1.1.22.2.1
  src/contrib/sendmail/src/usersmtp.c               1.1.1.21.2.1
  src/contrib/sendmail/src/util.c                   1.1.1.18.2.1
RELENG_6_0
  src/contrib/sendmail/libsm/fflush.c               1.1.1.3.16.1
  src/contrib/sendmail/libsm/local.h                1.1.1.7.10.1
  src/contrib/sendmail/libsm/refill.c               1.1.1.5.10.1
  src/contrib/sendmail/src/collect.c                1.1.1.21.4.1
  src/contrib/sendmail/src/conf.c                   1.28.4.1
  src/contrib/sendmail/src/deliver.c                1.1.1.23.4.1
  src/contrib/sendmail/src/headers.c                1.21.4.1
  src/contrib/sendmail/src/mime.c                   1.1.1.13.4.1
  src/contrib/sendmail/src/parseaddr.c              1.1.1.22.4.1
  src/contrib/sendmail/src/savemail.c               1.17.4.1
  src/contrib/sendmail/src/sendmail.h               1.1.1.26.4.1
  src/contrib/sendmail/src/sfsasl.c                 1.1.1.15.4.1
  src/contrib/sendmail/src/sfsasl.h                 1.1.1.4.16.1
  src/contrib/sendmail/src/srvrsmtp.c               1.1.1.22.4.1
  src/contrib/sendmail/src/usersmtp.c               1.1.1.21.4.1
  src/contrib/sendmail/src/util.c                   1.1.1.18.4.1
  src/UPDATING                                      1.416.2.3.2.11
  src/sys/conf/newvers.sh                           1.69.2.8.2.7
- -------------------------------------------------------------------------

VII. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058

The latest revision of this advisory is available at:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFEIXZWFdaIBMps37IRAldYAJ9nd+wQMJlQObUuio5tBEFwD0ULwwCbB2eI
u3JkyVwHx4WOgmZkg9QKang=
=d3RW
-----END PGP SIGNATURE-----