Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2005.0586 -- RHSA-2005:639-01 Critical: kdenetwork security update 22 July 2005 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Kopete Publisher: Red Hat Operating System: Red Hat Enterprise Linux AS/ES/WS 4 Red Hat Enterprise Linux Desktop 4 Impact: Execute Arbitrary Code/Commands Denial of Service Access: Remote/Unauthenticated CVE Names: CAN-2005-1852 Ref: ESB-2005.0585 Original Bulletin: https://rhn.redhat.com/errata/RHSA-2005-639.html - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: kdenetwork security update Advisory ID: RHSA-2005:639-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-639.html Issue date: 2005-07-21 Updated on: 2005-07-21 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1852 - - --------------------------------------------------------------------- 1. Summary: Updated kdenetwork packages to correct a security flaw in Kopete are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The kdenetwork package contains networking applications for the K Desktop Environment. Kopete is a KDE instant messenger which supports a number of protocols including ICQ, MSN, Yahoo, Jabber, and Gadu-Gadu. Multiple integer overflow flaws were found in the way Kopete processes Gadu-Gadu messages. A remote attacker could send a specially crafted Gadu-Gadu message which would cause Kopete to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-1852 to this issue. In order to be affected by this issue, a user would need to have registered with Gadu-Gadu and be signed in to the Gadu-Gadu server in order to receive a malicious message. In addition, Red Hat believes that the Exec-shield technology (enabled by default in Red Hat Enterprise Linux 4) would block attempts to remotely exploit this vulnerability. Note that this issue does not affect Red Hat Enterprise Linux 2.1 or 3. Users of Kopete should update to these packages which contain a patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 163811 - CAN-2005-1852 Kopete gadu-gadu flaws 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm 4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm i386: bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm 49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm ia64: 3a1ecfa51031cb82d59c95a94be3bca0 kdenetwork-3.3.1-2.3.ia64.rpm fbda969a428e54cbd6b1b06b86498693 kdenetwork-devel-3.3.1-2.3.ia64.rpm bc8975dacb662a74fe6f675a7bd9b107 kdenetwork-nowlistening-3.3.1-2.3.ia64.rpm ppc: e700306fc8af2647c6c1e9ab27160b11 kdenetwork-3.3.1-2.3.ppc.rpm 72b1d01d47a9f7c0aef8d42c0d56be81 kdenetwork-devel-3.3.1-2.3.ppc.rpm d48485fba0d6275ff7b27332c217cde5 kdenetwork-nowlistening-3.3.1-2.3.ppc.rpm s390: ebe481a9cbe64d6dca04412fa931f85b kdenetwork-3.3.1-2.3.s390.rpm 0f6f5d291cdd5f2f67e1c2cf1b7cfe29 kdenetwork-devel-3.3.1-2.3.s390.rpm 121c5802302ff1e97f0d42fb3b8a83cd kdenetwork-nowlistening-3.3.1-2.3.s390.rpm s390x: 8a4dabb465fe0b7e30049f02e212c011 kdenetwork-3.3.1-2.3.s390x.rpm 1c1373d084dbd2c9a8b5d5cc7982d27d kdenetwork-devel-3.3.1-2.3.s390x.rpm 9c628f1b5ba78f188eb336ad4a3ac223 kdenetwork-nowlistening-3.3.1-2.3.s390x.rpm x86_64: 332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm 3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm 4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm i386: bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm 49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm x86_64: 332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm 3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm 4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm i386: bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm 49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm ia64: 3a1ecfa51031cb82d59c95a94be3bca0 kdenetwork-3.3.1-2.3.ia64.rpm fbda969a428e54cbd6b1b06b86498693 kdenetwork-devel-3.3.1-2.3.ia64.rpm bc8975dacb662a74fe6f675a7bd9b107 kdenetwork-nowlistening-3.3.1-2.3.ia64.rpm x86_64: 332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm 3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm 4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm i386: bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm 49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm ia64: 3a1ecfa51031cb82d59c95a94be3bca0 kdenetwork-3.3.1-2.3.ia64.rpm fbda969a428e54cbd6b1b06b86498693 kdenetwork-devel-3.3.1-2.3.ia64.rpm bc8975dacb662a74fe6f675a7bd9b107 kdenetwork-nowlistening-3.3.1-2.3.ia64.rpm x86_64: 332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm 3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.kde.org/info/security/advisory-20050721-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1852 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC4EvgXlSAg2UNWIIRAlruAJ9OqVeQERYmkVQOvDjTl9rPBNcYVACgpJy9 wYFITcEYeU0wJDYATgPmfLA= =vbwB - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBQuBaASh9+71yA2DNAQITRgP/U2C1amLI90QWdqFPyS1nrLRINt/fDqFh XBLzZGgV50XBgY8hRpiewSBtYgsu/Z49942wEr38CfwH/JfUp2i0LouNlrLP3kjO +QbmCOkcE0oEtTb3TUEdVr59Kthe5RBKjIq7hhTZJirmSeBSUx+ZXFNoT1LIh88x nYqfN5Xf29A= =m9aP -----END PGP SIGNATURE-----