-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
             AUSCERT External Security Bulletin Redistribution

            ESB-2003.0538 -- Debian Security Advisory DSA-363-1
    New postfix packages fix remote denial of service, bounce scanning
                              04 August 2003

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                postfix
Publisher:              Debian
Operating System:       Debian GNU/Linux 3.0
                        Linux
Impact:                 Distributed Denial of Service
                        Denial of Service
Access Required:        Remote
CVE Names:              CAN-2003-0468, CAN-2003-0540

Comment: 

         Please note, as stated below, this vulnerability could allow an
         attacker to bounce-scan private networks or use the daemon as a
         DDoS tool by forcing the daemon to connect to an arbitrary
         service at an arbitrary IP address and either receiving a bounce
         message or observing queue operations to infer the status of the
         delivery attempt.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 363-1                     security@debian.org
http://www.debian.org/security/                             Matt Zimmerman
August 3rd, 2003                        http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : postfix
Vulnerability  : denial of service, bounce-scanning
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2003-0468, CAN-2003-0540

The postfix mail transport agent in Debian 3.0 contains two
vulnerabilities:

CAN-2003-0468: Postfix would allow an attacker to bounce-scan private
networks or use the daemon as a DDoS tool by forcing the daemon to
connect to an arbitrary service at an arbitrary IP address and
either receiving a bounce message or observing queue operations to
infer the status of the delivery attempt.

CAN-2003-0540: a malformed envelope address can 1) cause the queue
manager to lock up until an entry is removed from the queue and 2)
lock up the SMTP listener, leading to a denial of service.

For the current stable distribution (woody) these problems have been
fixed in version 1.1.11-0.woody3.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you update your postfix package.

Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3.dsc
      Size/MD5 checksum:      714 63f8dfe8115d2b6ee9495444b51f38ff
    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3.diff.gz
      Size/MD5 checksum:    67858 7d4141b4f8751bd624b73e098754ff92
    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11.orig.tar.gz
      Size/MD5 checksum:  1190741 b34bb2b5018327c19456a77814141208

  Architecture independent components:

    http://security.debian.org/pool/updates/main/p/postfix/postfix-dev_1.1.11-0.woody3_all.deb
      Size/MD5 checksum:    74036 c890416be4ddb61410919d2935a8d2ae
    http://security.debian.org/pool/updates/main/p/postfix/postfix-doc_1.1.11-0.woody3_all.deb
      Size/MD5 checksum:   344376 55a049625aa50b01d1c1001be7322931

  Alpha architecture:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_alpha.deb
      Size/MD5 checksum:   605684 556af2c5463a268e7e2c1141b1feca6f
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_alpha.deb
      Size/MD5 checksum:    28286 1051c9af8059a06a20277fee38c46eed
    http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_1.1.11-0.woody3_alpha.deb
      Size/MD5 checksum:    25840 0fa1abe8d1203dc0caef928edb9cbfa1
    http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_1.1.11-0.woody3_alpha.deb
      Size/MD5 checksum:    24386 5cd779b6f1b8e19b31305999d2d99a03

  ARM architecture:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_arm.deb
      Size/MD5 checksum:   520402 9c9846e4c3b3a842f9476a590653ee2a
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_arm.deb
      Size/MD5 checksum:    27480 8d7ca95fe4ca8ad8590e767e733ea73f
    http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_1.1.11-0.woody3_arm.deb
      Size/MD5 checksum:    25088 2c009beda5132fade32da110dbe08505
    http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_1.1.11-0.woody3_arm.deb
      Size/MD5 checksum:    23974 3f399c1c0f783ef8a32cd5ff2586beeb

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_i386.deb
      Size/MD5 checksum:   508482 23220e1154476d616f4231c1aab08961
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_i386.deb
      Size/MD5 checksum:    27020 599799ed8999f4cd440db3bf27d0a144
    http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_1.1.11-0.woody3_i386.deb
      Size/MD5 checksum:    24962 d2057f8047247c13eb1530c974c3214f
    http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_1.1.11-0.woody3_i386.deb
      Size/MD5 checksum:    23774 9a56259b465146461e24b1074dbb9378

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_ia64.deb
      Size/MD5 checksum:   715268 4b3b20647254766b9ea61000f6fabf6b
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_ia64.deb
      Size/MD5 checksum:    31250 0472e4740e5a8089389ebb5ac0e3287a
    http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_1.1.11-0.woody3_ia64.deb
      Size/MD5 checksum:    27468 ab3f9b3f25ff6e1c7c85ebe1bb8746a1
    http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_1.1.11-0.woody3_ia64.deb
      Size/MD5 checksum:    25620 074c809aea6dc4be33a3fc02fa4269e9

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_hppa.deb
      Size/MD5 checksum:   547490 f6c526ca243ecff15ba1fca5b5f1b66c
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_hppa.deb
      Size/MD5 checksum:    27970 942e49f343905da65092903517dc3415
    http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_1.1.11-0.woody3_hppa.deb
      Size/MD5 checksum:    25722 ffa283e47e289d5cee9cf0216a2a3ba4
    http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_1.1.11-0.woody3_hppa.deb
      Size/MD5 checksum:    24422 0ac384dab6e94a64f108655e4e1d1b73

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_m68k.deb
      Size/MD5 checksum:   507710 9fb65f8b4ceef076ce6ff714e3915a9e
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_m68k.deb
      Size/MD5 checksum:    27370 c48f95fab1a490b6b09dfa4a7b26ab91
    http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_1.1.11-0.woody3_m68k.deb
      Size/MD5 checksum:    25054 65b484b1bf326d724dc38b144e185bd3
    http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_1.1.11-0.woody3_m68k.deb
      Size/MD5 checksum:    23796 f0168fa13739555d29096c0543fa8dea

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_mips.deb
      Size/MD5 checksum:   545344 5d95ea078f00cf155e717d7698bb39b3
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_mips.deb
      Size/MD5 checksum:    26882 9ed43af513be789bd187ac6a2ec504bd
    http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_1.1.11-0.woody3_mips.deb
      Size/MD5 checksum:    25102 f87d8f4086277f46b52bebd3e267f18d
    http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_1.1.11-0.woody3_mips.deb
      Size/MD5 checksum:    23956 58e9c16d3c27ad5d043566fa3bf0597d

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_mipsel.deb
      Size/MD5 checksum:   545522 7fe4a3c93289c5a5739fb6180bf8f97e
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_mipsel.deb
      Size/MD5 checksum:    26888 0496ef4b059d449745363e4e77832cf6
    http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_1.1.11-0.woody3_mipsel.deb
      Size/MD5 checksum:    25100 88f26e2aff54b403bdd4a91e685ab62c
    http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_1.1.11-0.woody3_mipsel.deb
      Size/MD5 checksum:    23954 ac4942b8b1f798a6f9bfa41a66eae6e7

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_powerpc.deb
      Size/MD5 checksum:   523612 ac006fecf3d9e355403cc284c7b59a67
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_powerpc.deb
      Size/MD5 checksum:    27482 c579b63eb17de0cd64662ccfbcc24421
    http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_1.1.11-0.woody3_powerpc.deb
      Size/MD5 checksum:    25180 380841ca73f243f0892545400bd0e433
    http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_1.1.11-0.woody3_powerpc.deb
      Size/MD5 checksum:    23962 acf4ce767365da22d08f9421413cfc31

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_s390.deb
      Size/MD5 checksum:   539476 45c0dfe2421fe6913085629df92befa6
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_s390.deb
      Size/MD5 checksum:    27458 145d980da8ffb3f077a70fea768f2dca
    http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_1.1.11-0.woody3_s390.deb
      Size/MD5 checksum:    25268 d1fb9abe20874c98a7046dd0c3b606a4
    http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_1.1.11-0.woody3_s390.deb
      Size/MD5 checksum:    24054 69b7cb2d47709e4cb4e9ae8ed0b0c86f

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_sparc.deb
      Size/MD5 checksum:   539342 e8fdc2ca77c41f4046e1e212683a5f18
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_sparc.deb
      Size/MD5 checksum:    27920 f945a9c32434b4b617620e966a840564
    http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_1.1.11-0.woody3_sparc.deb
      Size/MD5 checksum:    25114 4437625a8d2e34058b4e4f94823b4385
    http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_1.1.11-0.woody3_sparc.deb
      Size/MD5 checksum:    23926 c716ff776a4246c2ab864bac204dd4da

  These files will probably be moved into the stable distribution on
  its next revision.
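As an added example (not part of the Debian advisory or the AusCERT bulletin), the following Python script parses the "Size/MD5 checksum" lines from the file list above and verifies a downloaded .deb against them before it is handed to `dpkg -i`. The `ADVISORY_EXCERPT` is copied from the Intel IA-32 entries of this advisory; the files created in `demo()` are constructed stand-ins, not the real packages, and the function names are the example's own.

```python
"""Verify a downloaded Debian package against the Size/MD5 list in DSA-363-1
before installing it with dpkg -i. (Added example; not Debian's tooling.)"""
import hashlib
import os
import re
import tempfile

# Two entries copied verbatim from the Intel IA-32 section of the advisory.
ADVISORY_EXCERPT = """\
    http://security.debian.org/pool/updates/main/p/postfix/postfix_1.1.11-0.woody3_i386.deb
      Size/MD5 checksum:   508482 23220e1154476d616f4231c1aab08961
    http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_1.1.11-0.woody3_i386.deb
      Size/MD5 checksum:    27020 599799ed8999f4cd440db3bf27d0a144
"""

URL_RE = re.compile(r"^\s*(https?://\S+)\s*$")
SUM_RE = re.compile(r"^\s*Size/MD5 checksum:\s+(\d+)\s+([0-9a-fA-F]{32})\s*$")


def parse_checksums(text):
    """Map package basename -> (size, md5). In the advisory a checksum line
    always directly follows the URL it describes."""
    table = {}
    pending = None
    for line in text.splitlines():
        m = URL_RE.match(line)
        if m:
            pending = os.path.basename(m.group(1))
            continue
        m = SUM_RE.match(line)
        if m and pending is not None:
            table[pending] = (int(m.group(1)), m.group(2).lower())
            pending = None
    return table


def md5_of_file(path):
    """Stream the file through MD5 (the digest the advisory publishes)."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, table):
    """Return (ok, reason). Size is checked first because it is cheap and
    catches truncated downloads; the digest check catches substitution."""
    name = os.path.basename(path)
    if name not in table:
        return False, "file not listed in advisory"
    expected_size, expected_md5 = table[name]
    actual_size = os.path.getsize(path)
    if actual_size != expected_size:
        return False, "size mismatch: expected %d, got %d" % (expected_size, actual_size)
    actual_md5 = md5_of_file(path)
    if actual_md5 != expected_md5:
        return False, "md5 mismatch: expected %s, got %s" % (expected_md5, actual_md5)
    return True, "ok"


def demo():
    """Exercise the checker on constructed stand-in files (not real packages)."""
    table = parse_checksums(ADVISORY_EXCERPT)
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        name = "postfix_1.1.11-0.woody3_i386.deb"
        path = os.path.join(tmp, name)
        good = b"constructed stand-in for the package body\n"
        with open(path, "wb") as f:
            f.write(good)
        # Table as an administrator would have it if the advisory described
        # this constructed file: its real size and digest.
        trusted = dict(table)
        trusted[name] = (len(good), hashlib.md5(good).hexdigest())
        results["good"] = verify_download(path, trusted)
        # Against the real advisory values the stand-in has the wrong size.
        results["size_mismatch"] = verify_download(path, table)
        # Same length, one byte changed: size passes, the digest must not.
        with open(path, "wb") as f:
            f.write(good[:-2] + b"X\n")
        results["same_size_corrupt"] = verify_download(path, trusted)
        # A file the advisory never listed is rejected outright.
        other = os.path.join(tmp, "postfix_9.9.9_i386.deb")
        with open(other, "wb") as f:
            f.write(good)
        results["unlisted"] = verify_download(other, trusted)
    return results


if __name__ == "__main__":
    for label, (ok, reason) in demo().items():
        print("%-18s %s  %s" % (label, "PASS" if ok else "FAIL", reason))
```

The checksum list is only as trustworthy as the advisory text it came from, which is why the advisory is PGP-signed: verify the signature on the message before trusting the digests it carries, then run the file check on each downloaded package before `dpkg -i`.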

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/LYu9ArxCt0PiXR4RAmwDAJ0ez/2Km4H0popgoyYp7aus68aXWgCgvrP3
QYYliUAgYWlCg7A5j+kAKlA=
=gOIX
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business 
                hours which are GMT+10:00 (AEST).  On call after hours 
                for member emergencies only.
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBPy4Esyh9+71yA2DNAQFZUAQAjKZhtJwWZWfULvJB5GAi8u1VUKdKUQul
Pi4PITEtZyJ0WuZKlFGMa0RPaZsOQNaHq9wDc16R4k+TIA4aXT+J2e37hoJZyiol
HWJvAvsfVjJBNGUIsw6U9sOlI/W1cIEYC1LW58WnPCMlT74mF1hMXx+AaK/Gdgry
l6f1UQhDjak=
=+q4l
-----END PGP SIGNATURE-----