126052 – net-mail/metamail: buffer overflow (CVE-2006-0709)

Bug 126052 - net-mail/metamail: buffer overflow (CVE-2006-0709)

Summary: net-mail/metamail: buffer overflow (CVE-2006-0709)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High major (vote)
Assignee:	Gentoo Security

URL:	http://www.cve.mitre.org/cgi-bin/cven...
Whiteboard:	B1 [glsa] DerCorny
Keywords:

Depends on:
Blocks:

Reported:	2006-03-13 09:43 UTC by Stefan Cornelius (RETIRED)
Modified:	2007-06-24 23:34 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
sample email from Debian bug. (metamail.txt,8.98 KB, text/plain) 2006-03-14 10:50 UTC, Tuan Van (RETIRED)	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Cornelius (RETIRED) gentoo-dev

2006-03-13 09:43:50 UTC

Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105.

Comment 1 Stefan Cornelius (RETIRED) gentoo-dev

2006-03-13 09:44:58 UTC

net-mail please provide updated ebuilds, thanks.

Comment 2 Thierry Carrez (RETIRED) gentoo-dev

2006-03-13 10:34:53 UTC

Remote attacker can trigger by sending an email -> B1.

Comment 3 Tuan Van (RETIRED) gentoo-dev

2006-03-14 10:50:36 UTC

Created attachment 82118 [details]
sample email from Debian bug.

metamail-2.7.45.3-r1.ebuild committed.
attached is the sample email taken from Debian bug. metamail crash with

$ /usr/bin/metamail < metamail.txt
From: <metaur@localhost>
To: <metaur@localhost>
Subject: metamail crash bug

*** glibc detected *** free(): invalid next size (normal): 0x0805fc30 ***
Aborted

Security, please do your dance. Enjoy.

Comment 4 Thierry Carrez (RETIRED) gentoo-dev

2006-03-14 13:16:04 UTC

Archs please test and mark stable.

Comment 5 Fernando J. Pereda (RETIRED) gentoo-dev

2006-03-14 13:31:49 UTC

We came, we tested, we alpha'd.

Cheers,
Ferdy

Comment 6 Markus Rothe (RETIRED) gentoo-dev

2006-03-15 08:37:03 UTC

stable on ppc64

Comment 7 Chris White (RETIRED) gentoo-dev

2006-03-15 12:35:16 UTC

amd64 stable.

Comment 8 Andrej Kacian (RETIRED) gentoo-dev

2006-03-15 13:25:45 UTC

x86 stable. btw, halcy0n has really pretty blue eyes. :))

Comment 9 Jeroen Roovers (RETIRED) gentoo-dev

2006-03-15 17:05:54 UTC

hppa done by killerfox

Comment 10 Jason Wever (RETIRED) gentoo-dev

2006-03-15 18:21:49 UTC

SPARC'd

Comment 11 Tobias Scherbaum (RETIRED) gentoo-dev

2006-03-16 11:10:53 UTC

ppc stable

Comment 12 Stefan Cornelius (RETIRED) gentoo-dev

2006-03-17 01:50:05 UTC

ready for glsa

Comment 13 Stefan Cornelius (RETIRED) gentoo-dev

2006-03-17 10:41:54 UTC

GLSA 200603-16

Thanks everybody.