Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2009.1024 eggdrop 6 July 2009 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: eggdrop Publisher: Debian Operating System: Debian GNU/Linux 4.0 Debian GNU/Linux 5.0 UNIX variants (UNIX, Linux, OSX) Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Denial of Service -- Remote/Unauthenticated Resolution: Upgrade CVE Names: CVE-2009-1789 CVE-2007-2807 Reference: ESB-2008.0009 Original Bulletin: http://www.debian.org/security/2009/dsa-1826 Comment: This advisory references vulnerabilities in products which run on platforms other than Debian. It is recommended that administrators running eggdrop check for an updated version of the software for their operating system. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-1826-1 security@debian.org http://www.debian.org/security/ Steffen Joeris July 04, 2009 http://www.debian.org/security/faq - - ------------------------------------------------------------------------ Package : eggdrop Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2007-2807 CVE-2009-1789 Debian Bugs : 427157 528778 Several vulnerabilities have been discovered in eggdrop, an advanced IRC robot. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-2807 It was discovered that eggdrop is vulnerable to a buffer overflow, which could result in a remote user executing arbitrary code. The previous DSA (DSA-1448-1) did not fix the issue correctly. CVE-2009-1789 It was discovered that eggdrop is vulnerable to a denial of service attack, that allows remote attackers to cause a crash via a crafted PRIVMSG. For the stable distribution (lenny), these problems have been fixed in version 1.6.19-1.1+lenny1. For the old stable distribution (etch), these problems have been fixed in version 1.6.18-1etch2. For the unstable distribution (sid), this problem has been fixed in version 1.6.19-1.2 We recommend that you upgrade your eggdrop package. Upgrade instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - - ------------------------------- Debian (oldstable) - - ------------------ Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2.dsc Size/MD5 checksum: 650 594b4749b9ec89f7d369643895710ad8 http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2.diff.gz Size/MD5 checksum: 8016 1a18e0a558c7de704c220e6ed0f14bff http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18.orig.tar.gz Size/MD5 checksum: 1025608 c2734a51926bdf0380d8bb53f5a7b2ee Architecture independent packages: http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop-data_1.6.18-1etch2_all.deb Size/MD5 checksum: 413124 5f8afe289ebefcc7921fc1a9189c7efd alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2_alpha.deb Size/MD5 checksum: 597062 c79a36069bad2181b84fc8d49b944b16 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2_amd64.deb Size/MD5 checksum: 537512 9c3244b387ee9ceddb1dda220247a4f1 arm architecture (ARM) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2_arm.deb Size/MD5 checksum: 498890 055e953dcb486f625a15459dc55aab19 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2_hppa.deb Size/MD5 checksum: 600144 ac69ebc0c01053cd4cbd35eba71546a8 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2_i386.deb Size/MD5 checksum: 475340 945bb805188e10c0ce96e0b5d2295deb ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2_ia64.deb Size/MD5 checksum: 755532 724ae130ed456eb5d5a229fa9a9c1669 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2_mips.deb Size/MD5 checksum: 533850 60232404dbc3aab7be1bbd44f9727cf7 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2_mipsel.deb Size/MD5 checksum: 537320 40f9df7e42a932ea8c0c91d9c778505d powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2_powerpc.deb Size/MD5 checksum: 522414 27b819f07a51ef3027bf89e77afbfeea s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2_s390.deb Size/MD5 checksum: 530102 32d0911a7a50d9de96313ec56d707c09 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.18-1etch2_sparc.deb Size/MD5 checksum: 490614 8985bad87328abe986ccd99d5d4a106f Debian GNU/Linux 5.0 alias lenny - - -------------------------------- Debian (stable) - - --------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1.dsc Size/MD5 checksum: 1083 0fbb3a99c0027705fd9459ff03fce710 http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19.orig.tar.gz Size/MD5 checksum: 1033152 4d89a901e95f0f9937f4ffac783d55d8 http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1.diff.gz Size/MD5 checksum: 17603 73742e8b01487405d815296f5fb91a58 Architecture independent packages: http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop-data_1.6.19-1.1+lenny1_all.deb Size/MD5 checksum: 412066 7e5a850e026fe53cfade4e6dd43948af alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_alpha.deb Size/MD5 checksum: 593730 d791d84436f4ba40ac542afdb5181588 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_amd64.deb Size/MD5 checksum: 545870 0bba74f2562866bb282d5ac9c575d042 arm architecture (ARM) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_arm.deb Size/MD5 checksum: 507040 86269695984245a98e23a2ec3c48259d armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_armel.deb Size/MD5 checksum: 523006 14ec7c7ea8de55c77a554c2b8871231a hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_hppa.deb Size/MD5 checksum: 591212 9f79dac9962932605a4dc331f201736d i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_i386.deb Size/MD5 checksum: 468618 1231dad4cd3f847298efd9c453ec7a67 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_ia64.deb Size/MD5 checksum: 750226 a24c908ebc0e6ee68f5d07778527b767 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_mips.deb Size/MD5 checksum: 523760 a62db58be23b5a3b2d568344f1d7503d mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_mipsel.deb Size/MD5 checksum: 526202 431f1302ef1539336b57887e58317aa5 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_powerpc.deb Size/MD5 checksum: 532980 435c9a597ba6a84b2f7fb655fbd06d2b s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_s390.deb Size/MD5 checksum: 527910 4b95f23c5e1cd5120d5bfaf0fc4e420f sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/e/eggdrop/eggdrop_1.6.19-1.1+lenny1_sparc.deb Size/MD5 checksum: 479812 cabbfb068f710ecba8715a89815fe252 These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkpOw2wACgkQ62zWxYk/rQe2VACeKGzfpUAXZEfTvVPOmQqRW9Z5 /5oAnA+PZjuAarXURzc923k2zul0vzag =R3e5 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iD8DBQFKUWZcNVH5XJJInbgRAhXHAJ4nsOjqXWOs+lEGT919wQwKfRMoAQCePQzq x4yeKTGJ08/TxAu875a/s3A= =sVR6 -----END PGP SIGNATURE-----