Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2009.1124.2 New znc packages fix remote code execution 5 August 2009 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: znc Publisher: Debian Operating System: Debian GNU/Linux 4 Debian GNU/Linux 5 Impact/Access: Create Arbitrary Files -- Existing Account CVE Names: CVE-2009-2658 Reference: ASB-2009.1027 Original Bulletin: http://www.debian.org/security/2009/dsa-1848 Revision History: August 5 2009: CVE reference added August 3 2009: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-1848-1 security@debian.org http://www.debian.org/security/ Florian Weimer August 02, 2009 http://www.debian.org/security/faq - - ------------------------------------------------------------------------ Package : znc Vulnerability : directory traversal Problem type : remote Debian-specific: no Debian Bug : 537977 It was discovered that znc, an IRC proxy, did not properly process certain DCC requests, allowing attackers to upload arbitrary files. For the old stable distribution (etch), this problem has been fixed in version 0.045-3+etch3. For the stable distribution (lenny), this problem has been fixed in version 0.058-2+lenny3. For the unstable distribution (sid), this problem has been fixed in version 0.074-1. We recommend that you upgrade your znc package. Upgrade instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - - ------------------------------- Source archives: http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3.dsc Size/MD5 checksum: 667 933a585b14d230df9dd1a8b6ee5ad4b6 http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3.diff.gz Size/MD5 checksum: 14501 330d9e4ac7894dbfec53bf9cf1e52660 http://security.debian.org/pool/updates/main/z/znc/znc_0.045.orig.tar.gz Size/MD5 checksum: 204863 9a514b125b7514811fd03befa73cce77 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3_alpha.deb Size/MD5 checksum: 863536 a49fb4cba67de68d20b9da2cd8867362 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3_amd64.deb Size/MD5 checksum: 794176 ed5f4fe35ce0a2550aa16a423e100065 arm architecture (ARM) http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3_arm.deb Size/MD5 checksum: 906432 f49d4961b57febdbc184146bbc0aca2f hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3_hppa.deb Size/MD5 checksum: 860972 659a6b3b95f80220b8c55fc54c7c1657 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3_i386.deb Size/MD5 checksum: 811820 e2ed63396c2813e5e8a064ab5b4ac646 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3_ia64.deb Size/MD5 checksum: 963774 37187a7fb2cc43d51e8112330311334a mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3_mips.deb Size/MD5 checksum: 716040 9f206ba9ef54ff3658bbf62c5ec448b5 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3_mipsel.deb Size/MD5 checksum: 714202 272cbc77e814fb6ef155e0cd33a1fcbe powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3_powerpc.deb Size/MD5 checksum: 793154 84bb601bf6ebf409fbca63545b37c123 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3_s390.deb Size/MD5 checksum: 735198 67f86f69500e96461d1cea10fead09a9 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch3_sparc.deb Size/MD5 checksum: 751090 1a0088824517b4f542e9589febc25536 Debian GNU/Linux 5.0 alias lenny - - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3.dsc Size/MD5 checksum: 1037 93fe1b9b7bd7aeebd7b3e0c3854a477f http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3.diff.gz Size/MD5 checksum: 9628 6fd05e2dbb8e6796dcc647bd79e9d1a0 http://security.debian.org/pool/updates/main/z/znc/znc_0.058.orig.tar.gz Size/MD5 checksum: 340741 c02fd740c55d5b3a7912f7584344103e alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_alpha.deb Size/MD5 checksum: 1096456 18a4159f41d3b931b31f98b84d2fb269 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_amd64.deb Size/MD5 checksum: 1031744 bc265fa88c9bb707b67e757b63ed5853 arm architecture (ARM) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_arm.deb Size/MD5 checksum: 1152106 dbf436ac4085fa58d3d51c6f9b642c16 armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_armel.deb Size/MD5 checksum: 964084 fe6c30329c2deb11d40875b8642d3127 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_hppa.deb Size/MD5 checksum: 1164842 cf1a064e2ece7df88b9d4b9370811d8b i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_i386.deb Size/MD5 checksum: 1010412 654653749e84562db775a6dfd1ca3ebd ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_ia64.deb Size/MD5 checksum: 1183120 31579bc427d4cf4f941b3aea648740d2 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_mips.deb Size/MD5 checksum: 915526 a94198400fd7832802260953d8f10acb mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_mipsel.deb Size/MD5 checksum: 907738 b794ceddef5b50eb6ecad8b16aaff23b powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_powerpc.deb Size/MD5 checksum: 1035914 3176e289856565c20528b779b5dd5b65 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_s390.deb Size/MD5 checksum: 971812 b51b7e7bb2d2b26ac7619a2db5274def sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny3_sparc.deb Size/MD5 checksum: 1003518 681f3ddd6b61aaae7329b3835d926978 These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQEcBAEBAgAGBQJKdZKTAAoJEL97/wQC1SS+81MH/04oT9CB1bDrljLTxBZ1CKLp WiTLaa1U1lbmCMdSFpAl3U5Bpc9vW0AKGXAXPRYPPfYy+zaAvHoiiWgrvblkvnMk iDh8qA38PyQShCkd7cyegCPgvTHNwzUoK5Q8d05jnEw6rjuMsaNwbuvbAsbIU3m7 a0jIz6atW+J/i3UxuEQjtO4N3QYzrzaSXlvWKyNpx2udgXKbHHlw7sjjLqrdKE55 6CVuOWBfFurikvn0IPA5U9qxyI5KwhJlZlZyLafag43+V5afdK1srO+avUXlfJvy VR+rerLV/ZOAcgFxvvzYioYT2yBrptpl0/e/92gnJE54oqBXnRlnj9AtvbPU63E= =vHUu - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iD8DBQFKeP7eNVH5XJJInbgRAj2jAJ96MqPO7t9CvDTKZ0ccMVTTTQxx/wCeNVBY D/xNJ2h/MtywYx/Pt7q4ocs= =HUmX -----END PGP SIGNATURE-----