From security@linux-mandrake.com Mon Aug 4 04:50:24 2003 From: Mandrake Linux Security Team To: full-disclosure@lists.netsys.com Date: 4 Aug 2003 06:14:56 -0000 Subject: [Full-Disclosure] MDKSA-2003:081 - Updated postfix packages fix remote DoS -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Mandrake Linux Security Update Advisory ________________________________________________________________________ Package name: postfix Advisory ID: MDKSA-2003:081 Date: August 4th, 2003 Affected versions: 8.2, 9.0, Corporate Server 2.1, Multi Network Firewall 8.2 ________________________________________________________________________ Problem Description: Two vulnerabilities were discovered in the postfix MTA by Michal Zalewski. Versions prior to 1.1.12 would allow an attacker to bounce- scan private networks or use the daemon as a DDoS (Distributed Denial of Service) tool by forcing the daemon to connect to an arbitrary service at an arbitrary IP address and receiving either a bounce message or by timing. As well, versions prior to 1.1.12 have a bug where a malformed envelope address can cause the queue manager to lock up until an entry is removed from the queue and also lock up the SMTP listener leading to a DoS. Postfix version 1.1.13 corrects these issues. The provided packages have been patched to fix the vulnerabilities. ________________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0540 ________________________________________________________________________ Updated Packages: Corporate Server 2.1: 2aad99a13d54ad1639f838b72c541c5c corporate/2.1/RPMS/postfix-1.1.13-1.1mdk.i586.rpm 435cada8d84f410e4991d8563e6d42a6 corporate/2.1/SRPMS/postfix-1.1.13-1.1mdk.src.rpm Corporate Server 2.1/x86_64: 92a11a97498d15b49800691daccfde79 x86_64/corporate/2.1/RPMS/postfix-1.1.13-1.2mdk.x86_64.rpm 6f340161b82d806f11b9cad2acc36041 x86_64/corporate/2.1/SRPMS/postfix-1.1.13-1.2mdk.src.rpm Mandrake Linux 8.2: 3d78e8d0a5c6d841697c055112fa3cc0 8.2/RPMS/postfix-20010228-20.1mdk.i586.rpm d06d059baad0ab14b09c7612f94c7296 8.2/SRPMS/postfix-20010228-20.1mdk.src.rpm Mandrake Linux 8.2/PPC: 56162355881b39128f60f94e2992edbb ppc/8.2/RPMS/postfix-20010228-20.1mdk.ppc.rpm d06d059baad0ab14b09c7612f94c7296 ppc/8.2/SRPMS/postfix-20010228-20.1mdk.src.rpm Mandrake Linux 9.0: 2aad99a13d54ad1639f838b72c541c5c 9.0/RPMS/postfix-1.1.13-1.1mdk.i586.rpm 435cada8d84f410e4991d8563e6d42a6 9.0/SRPMS/postfix-1.1.13-1.1mdk.src.rpm Multi Network Firewall 8.2: 3d78e8d0a5c6d841697c055112fa3cc0 mnf8.2/RPMS/postfix-20010228-20.1mdk.i586.rpm d06d059baad0ab14b09c7612f94c7296 mnf8.2/SRPMS/postfix-20010228-20.1mdk.src.rpm ________________________________________________________________________ Bug IDs fixed (see https://qa.mandrakesoft.com for more information): ________________________________________________________________________ To upgrade automatically, use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. A list of FTP mirrors can be obtained from: http://www.mandrakesecure.net/en/ftp.php All packages are signed by MandrakeSoft for security. You can obtain the GPG public key of the Mandrake Linux Security Team by executing: gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98 Please be aware that sometimes it takes the mirrors a few hours to update. You can view other update advisories for Mandrake Linux at: http://www.mandrakesecure.net/en/advisories/ MandrakeSoft has several security-related mailing list services that anyone can subscribe to. Information on these lists can be obtained by visiting: http://www.mandrakesecure.net/en/mlist.php If you want to report vulnerabilities, please contact security_linux-mandrake.com Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE/LfngmqjQ0CJFipgRArn3AJ9GzzUYjosBo65dkA+MP+6wq+7rTgCgrWuB 6UpA1SQaJC7jyYPeOiJM/7s= =HK0e -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html