-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

                    Caldera Systems, Inc. Security Advisory

Subject:                procmail
Advisory number:        CSSA-1999:007.0
Issue date:             1999 04 20
Last revised:           1999 04 26
Cross reference:
______________________________________________________________________________

1. Problem Description

   All versions of procmail prior to 3.12 can overflow heap-allocated
   buffers, either when given a sufficiently long command line argument
   or during expansions while processing procmailrc files.

   If the latter occurs while /etc/procmailrc is being processed on a
   system where procmail is installed setuid root or runs as the local
   delivery agent, root access may be obtainable. If procmail is
   installed setgid, the command line overflow exposes that group, but
   not (directly) root. Overflows that occur while processing a user's
   own procmailrc file may yield the setgid group's and/or that user's
   access.

2. Vulnerable Versions

   Systems:  OpenLinux 1.0, 1.1, 1.2, 1.3, 2.2.
   Packages: all procmail packages prior to procmail-3.12

3. Solutions

   The proper solution is to upgrade to the procmail-3.13.1-1 packages.

4. Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

   ftp://ftp.calderasystems.com/pub/OpenLinux/updates/2.2/current/RPMS/

   The corresponding source code package can be found at:

   ftp://ftp.calderasystems.com/pub/OpenLinux/updates/2.2/current/SRPMS

5. Installing Fixed Packages

   Upgrade the affected packages with the following commands:

   rpm -q procmail && rpm -U procmail-3.13.1-1.i386.rpm

6. Verification

   The MD5 checksums (from the "md5sum" command) for these packages are:

   7327615997c26cf03bc33bf8c7e259f1  README
   afabc85dcf69d7484d143b0b01224512  RPMS/procmail-3.13.1-1.i386.rpm
   32ca29c5fe5f73f7e9a8415789f1291f  SRPMS/procmail-3.13.1-1.src.rpm

7. References

   This and other Caldera security resources are located at:

   http://www.calderasystems.com/news/security/index.html

   Additional documentation on this problem can be found in:

   This security fix closes Caldera's internal Problem Report 4526.

8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of
   the information we provide on this website and/or through our
   security advisories. Our advisories are a service to our customers
   intended to promote secure installation and use of Caldera OpenLinux.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBNyR/6+n+9R4958LpAQG0ggP/bXESGCTw4H6WqIGQjrotPdjbP1tjFhI9
V0zX3360qaKQzYDkoEQbMY2MVE5XogkcZysuAJvwRgcgKcDpXPDKXcvMVnNaGNJv
Sqol/9m0AT4mj6yYxWeOGeWSlhwY1vknfTroz6qR0F3yw1XU6uOs/4Y1bzExAQoE
wEktV4nwmAw=
=JCmG
-----END PGP SIGNATURE-----
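Putting sections 2, 5 and 6 of the advisory together in one script: the following is an example added here, not part of the Caldera advisory or of the procmail distribution. It decides from a procmail version string whether the advisory's cut-off (versions prior to 3.12) applies, and refuses to hand a downloaded package to rpm unless its MD5 sum matches the value published in section 6. It assumes GNU md5sum and rpm are on PATH; the function names, and the upgrade_procmail flow that ties them to rpm, are this example's own and are not taken from the advisory.

```shell
#!/bin/sh
# Added example; not from the Caldera advisory or from procmail itself.
# Assumes GNU md5sum (for the "digest  filename" output format) and rpm.

# Checksum for RPMS/procmail-3.13.1-1.i386.rpm as listed in section 6
# of CSSA-1999:007.0.
PROCMAIL_RPM_MD5=afabc85dcf69d7484d143b0b01224512

# procmail_vulnerable VERSION
# Returns 0 (true) when VERSION is older than 3.12, the advisory's cut-off.
# Only the first two components are compared, since the cut-off is 3.12
# and release tags such as "3.13.1" differ only in the third component.
procmail_vulnerable() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%.*}
    # A bare "3" has no minor component; treat it as 3.0.
    [ "$rest" = "$1" ] && minor=0
    if [ "$major" -lt 3 ]; then return 0; fi
    if [ "$major" -eq 3 ] && [ "$minor" -lt 12 ]; then return 0; fi
    return 1
}

# verify_md5 FILE EXPECTED
# Returns 0 only when the md5sum of FILE equals EXPECTED (lower-case hex).
verify_md5() {
    actual=$(md5sum "$1" | awk '{print $1}')
    [ "$actual" = "$2" ]
}

# upgrade_procmail RPMFILE
# Mirrors the advisory's "rpm -q procmail && rpm -U ..." step, but only
# after the installed version is confirmed affected and the package's
# checksum matches the advisory. Requires root to actually install.
upgrade_procmail() {
    installed=$(rpm -q --qf '%{VERSION}' procmail 2>/dev/null) || {
        echo "procmail is not installed; nothing to upgrade" >&2
        return 1
    }
    if ! procmail_vulnerable "$installed"; then
        echo "procmail $installed is not affected by CSSA-1999:007.0" >&2
        return 0
    fi
    if ! verify_md5 "$1" "$PROCMAIL_RPM_MD5"; then
        echo "checksum mismatch for $1; refusing to install" >&2
        return 1
    fi
    rpm -U "$1"
}
```

Call it as `upgrade_procmail procmail-3.13.1-1.i386.rpm` from the directory the package was downloaded to. Two caveats a practitioner should keep in mind: the checksum list carries no more authority than the PGP signature on the advisory that publishes it, so verify the signed advisory text before trusting the sums; and MD5 is no longer collision-resistant, so a matching sum guards against a corrupted or swapped download, not against a deliberately crafted substitute.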