Auditorías de Seguridad de Red / Evaluación de vulnerabilidades de SecuritySpace

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Synopsis:          Updated balsa packages fix vulnerabilities
Advisory ID:       RHSA-2003:111-01
Issue date:        2003-05-22
Updated on:        2003-05-22
Product:           Red Hat Enterprise Linux
Keywords:          balsa mutt IMAP server UTF7 UTF8
Cross references:
Obsoletes:
CVE Names:         CAN-2003-0140 CAN-2002-1090
---------------------------------------------------------------------

1. Topic:

Updated Balsa packages are available which fix potential vulnerabilities in
the IMAP handling code and in libesmtp.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

Balsa is a GNOME email client which includes code from Mutt.

A potential buffer overflow exists in Balsa versions 1.2 and higher when
parsing mailbox names returned by an IMAP server. It is possible that a
hostile IMAP server could cause arbitrary code to be executed by the user
running Balsa.

Additionally, a buffer overflow in libesmtp (an SMTP library used by Balsa)
before version 0.8.11 allows a hostile remote SMTP server to execute
arbitrary code via a certain response or cause a denial of service via long
server responses.

Users of Balsa are recommended to upgrade to these erratum packages which
include updated versions of Balsa and libesmtp which are not vulnerable to
these issues.

Red Hat would like to thank CORE security for discovering the
vulnerability, and the Mutt team for providing a patch.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

86601 - CAN-2003-0140 balsa has malicious IMAP server vulnerability

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/balsa-1.2.4-7.7.2.src.rpm
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/libesmtp-0.8.12-0.7.x.src.rpm

i386:
Available from Red Hat Network: balsa-1.2.4-7.7.2.i386.rpm
Available from Red Hat Network: libesmtp-0.8.12-0.7.x.i386.rpm
Available from Red Hat Network: libesmtp-devel-0.8.12-0.7.x.i386.rpm

ia64:
Available from Red Hat Network: balsa-1.2.4-7.7.2.ia64.rpm
Available from Red Hat Network: libesmtp-0.8.12-0.7.x.ia64.rpm
Available from Red Hat Network: libesmtp-devel-0.8.12-0.7.x.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/balsa-1.2.4-7.7.2.src.rpm
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/libesmtp-0.8.12-0.7.x.src.rpm

ia64:
Available from Red Hat Network: balsa-1.2.4-7.7.2.ia64.rpm
Available from Red Hat Network: libesmtp-0.8.12-0.7.x.ia64.rpm
Available from Red Hat Network: libesmtp-devel-0.8.12-0.7.x.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/balsa-1.2.4-7.7.2.src.rpm
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/libesmtp-0.8.12-0.7.x.src.rpm

i386:
Available from Red Hat Network: balsa-1.2.4-7.7.2.i386.rpm
Available from Red Hat Network: libesmtp-0.8.12-0.7.x.i386.rpm
Available from Red Hat Network: libesmtp-devel-0.8.12-0.7.x.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/balsa-1.2.4-7.7.2.src.rpm
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/libesmtp-0.8.12-0.7.x.src.rpm

i386:
Available from Red Hat Network: balsa-1.2.4-7.7.2.i386.rpm
Available from Red Hat Network: libesmtp-0.8.12-0.7.x.i386.rpm
Available from Red Hat Network: libesmtp-devel-0.8.12-0.7.x.i386.rpm

7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
5bab8505c792c1682072f90ec5babe6a 2.1AS/en/os/SRPMS/balsa-1.2.4-7.7.2.src.rpm
d5234163353ecf276c872abf253703d9 2.1AS/en/os/SRPMS/libesmtp-0.8.12-0.7.x.src.rpm
9a2394f555cc8ea15891e04da2e73030 2.1AS/en/os/i386/balsa-1.2.4-7.7.2.i386.rpm
f4d4ae7c3af052f43e1873169ed06036 2.1AS/en/os/i386/libesmtp-0.8.12-0.7.x.i386.rpm
08be48e6749eaa9eee9c3c130c8e8bd5 2.1AS/en/os/i386/libesmtp-devel-0.8.12-0.7.x.i386.rpm
fb4a47e64ac2a8e35ea98bd64f980eb5 2.1AS/en/os/ia64/balsa-1.2.4-7.7.2.ia64.rpm
f5dd08e62f829edf0d1f24a26b7ab364 2.1AS/en/os/ia64/libesmtp-0.8.12-0.7.x.ia64.rpm
af33956420acf4c8c1e551850aaec2c8 2.1AS/en/os/ia64/libesmtp-devel-0.8.12-0.7.x.ia64.rpm
5bab8505c792c1682072f90ec5babe6a 2.1AW/en/os/SRPMS/balsa-1.2.4-7.7.2.src.rpm
d5234163353ecf276c872abf253703d9 2.1AW/en/os/SRPMS/libesmtp-0.8.12-0.7.x.src.rpm
fb4a47e64ac2a8e35ea98bd64f980eb5 2.1AW/en/os/ia64/balsa-1.2.4-7.7.2.ia64.rpm
f5dd08e62f829edf0d1f24a26b7ab364 2.1AW/en/os/ia64/libesmtp-0.8.12-0.7.x.ia64.rpm
af33956420acf4c8c1e551850aaec2c8 2.1AW/en/os/ia64/libesmtp-devel-0.8.12-0.7.x.ia64.rpm
5bab8505c792c1682072f90ec5babe6a 2.1ES/en/os/SRPMS/balsa-1.2.4-7.7.2.src.rpm
d5234163353ecf276c872abf253703d9 2.1ES/en/os/SRPMS/libesmtp-0.8.12-0.7.x.src.rpm
9a2394f555cc8ea15891e04da2e73030 2.1ES/en/os/i386/balsa-1.2.4-7.7.2.i386.rpm
f4d4ae7c3af052f43e1873169ed06036 2.1ES/en/os/i386/libesmtp-0.8.12-0.7.x.i386.rpm
08be48e6749eaa9eee9c3c130c8e8bd5 2.1ES/en/os/i386/libesmtp-devel-0.8.12-0.7.x.i386.rpm
5bab8505c792c1682072f90ec5babe6a 2.1WS/en/os/SRPMS/balsa-1.2.4-7.7.2.src.rpm
d5234163353ecf276c872abf253703d9 2.1WS/en/os/SRPMS/libesmtp-0.8.12-0.7.x.src.rpm
9a2394f555cc8ea15891e04da2e73030 2.1WS/en/os/i386/balsa-1.2.4-7.7.2.i386.rpm
f4d4ae7c3af052f43e1873169ed06036 2.1WS/en/os/i386/libesmtp-0.8.12-0.7.x.i386.rpm
08be48e6749eaa9eee9c3c130c8e8bd5 2.1WS/en/os/i386/libesmtp-devel-0.8.12-0.7.x.i386.rpm

These packages are GPG signed by Red Hat for security.  Our key is
available at http://www.redhat.com/solutions/security/news/publickey/

You can verify each package with the following command:

    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:

    md5sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1090

9. Contact:

The Red Hat security contact is <security@redhat.com>.  More contact
details at http://www.redhat.com/solutions/security/news/contact/

Copyright 2003 Red Hat, Inc.