Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2005.0586 -- RHSA-2005:639-01
Critical: kdenetwork security update
22 July 2005
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Kopete
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux AS/ES/WS 4
Red Hat Enterprise Linux Desktop 4
Impact: Execute Arbitrary Code/Commands
Denial of Service
Access: Remote/Unauthenticated
CVE Names: CAN-2005-1852
Ref: ESB-2005.0585
Original Bulletin: https://rhn.redhat.com/errata/RHSA-2005-639.html
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Critical: kdenetwork security update
Advisory ID: RHSA-2005:639-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-639.html
Issue date: 2005-07-21
Updated on: 2005-07-21
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-1852
- - ---------------------------------------------------------------------
1. Summary:
Updated kdenetwork packages to correct a security flaw in Kopete are now
available for Red Hat Enterprise Linux 4.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
3. Problem description:
The kdenetwork package contains networking applications for the K Desktop
Environment. Kopete is a KDE instant messenger which supports a number of
protocols including ICQ, MSN, Yahoo, Jabber, and Gadu-Gadu.
Multiple integer overflow flaws were found in the way Kopete processes
Gadu-Gadu messages. A remote attacker could send a specially crafted
Gadu-Gadu message which would cause Kopete to crash or possibly execute
arbitrary code. The Common Vulnerabilities and Exposures project
assigned the name CAN-2005-1852 to this issue.
In order to be affected by this issue, a user would need to have registered
with Gadu-Gadu and be signed in to the Gadu-Gadu server in order to receive
a malicious message. In addition, Red Hat believes that the Exec-shield
technology (enabled by default in Red Hat Enterprise Linux 4) would block
attempts to remotely exploit this vulnerability.
Note that this issue does not affect Red Hat Enterprise Linux 2.1 or 3.
Users of Kopete should update to these packages which contain a
patch to correct this issue.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.com/):
163811 - CAN-2005-1852 Kopete gadu-gadu flaws
6. RPMs required:
Red Hat Enterprise Linux AS version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm
4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm
i386:
bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm
49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm
fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm
ia64:
3a1ecfa51031cb82d59c95a94be3bca0 kdenetwork-3.3.1-2.3.ia64.rpm
fbda969a428e54cbd6b1b06b86498693 kdenetwork-devel-3.3.1-2.3.ia64.rpm
bc8975dacb662a74fe6f675a7bd9b107 kdenetwork-nowlistening-3.3.1-2.3.ia64.rpm
ppc:
e700306fc8af2647c6c1e9ab27160b11 kdenetwork-3.3.1-2.3.ppc.rpm
72b1d01d47a9f7c0aef8d42c0d56be81 kdenetwork-devel-3.3.1-2.3.ppc.rpm
d48485fba0d6275ff7b27332c217cde5 kdenetwork-nowlistening-3.3.1-2.3.ppc.rpm
s390:
ebe481a9cbe64d6dca04412fa931f85b kdenetwork-3.3.1-2.3.s390.rpm
0f6f5d291cdd5f2f67e1c2cf1b7cfe29 kdenetwork-devel-3.3.1-2.3.s390.rpm
121c5802302ff1e97f0d42fb3b8a83cd kdenetwork-nowlistening-3.3.1-2.3.s390.rpm
s390x:
8a4dabb465fe0b7e30049f02e212c011 kdenetwork-3.3.1-2.3.s390x.rpm
1c1373d084dbd2c9a8b5d5cc7982d27d kdenetwork-devel-3.3.1-2.3.s390x.rpm
9c628f1b5ba78f188eb336ad4a3ac223 kdenetwork-nowlistening-3.3.1-2.3.s390x.rpm
x86_64:
332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm
ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm
3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm
4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm
i386:
bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm
49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm
fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm
x86_64:
332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm
ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm
3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm
4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm
i386:
bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm
49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm
fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm
ia64:
3a1ecfa51031cb82d59c95a94be3bca0 kdenetwork-3.3.1-2.3.ia64.rpm
fbda969a428e54cbd6b1b06b86498693 kdenetwork-devel-3.3.1-2.3.ia64.rpm
bc8975dacb662a74fe6f675a7bd9b107 kdenetwork-nowlistening-3.3.1-2.3.ia64.rpm
x86_64:
332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm
ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm
3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm
4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm
i386:
bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm
49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm
fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm
ia64:
3a1ecfa51031cb82d59c95a94be3bca0 kdenetwork-3.3.1-2.3.ia64.rpm
fbda969a428e54cbd6b1b06b86498693 kdenetwork-devel-3.3.1-2.3.ia64.rpm
bc8975dacb662a74fe6f675a7bd9b107 kdenetwork-nowlistening-3.3.1-2.3.ia64.rpm
x86_64:
332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm
ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm
3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://www.kde.org/info/security/advisory-20050721-1.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1852
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/
Copyright 2005 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQFC4EvgXlSAg2UNWIIRAlruAJ9OqVeQERYmkVQOvDjTl9rPBNcYVACgpJy9
wYFITcEYeU0wJDYATgPmfLA=
=vbwB
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBQuBaASh9+71yA2DNAQITRgP/U2C1amLI90QWdqFPyS1nrLRINt/fDqFh
XBLzZGgV50XBgY8hRpiewSBtYgsu/Z49942wEr38CfwH/JfUp2i0LouNlrLP3kjO
+QbmCOkcE0oEtTb3TUEdVr59Kthe5RBKjIq7hhTZJirmSeBSUx+ZXFNoT1LIh88x
nYqfN5Xf29A=
=m9aP
-----END PGP SIGNATURE-----