
[secure-testing-announce] [DTSA-11-1] New maildrop packages fix local privilege escalation



-----------------------------------------------------------------------------
Debian Testing Security Advisory DTSA-11-1    http://secure-testing.debian.net
secure-testing-team@lists.alioth.debian.org                     Andres Salomon
August 29th, 2005
-----------------------------------------------------------------------------

Package        : maildrop
Vulnerability  : local privilege escalation
Problem-Type   : local
Debian-specific: yes
CVE ID         : CAN-2005-2655

The lockmail binary shipped with maildrop allows an attacker to obtain an
effective gid of group "mail".  Debian ships the binary with its setgid bit
set, but the program does not drop privileges when run.  It takes an argument
that is executed; since privileges are never dropped, a local attacker can
execute an arbitrary command with an effective gid of the "mail" group.
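The pattern the fix requires, as an added example that is not maildrop's own code: a setgid helper that finishes its privileged work, drops its effective group back to the caller's real group, verifies that the drop took effect, and only then executes the user-supplied command. Function names are hypothetical; the saved set-group-ID behaviour of setregid() assumed here is Linux's.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Drop the effective (and, on Linux, saved) group ID back to the real
 * group ID. Returns 0 on success, -1 if the call failed or did not stick. */
int drop_group_privileges(void)
{
    gid_t rgid = getgid();

    /* Setting both real and effective gid also resets the saved
     * set-group-ID on Linux, so the privileged gid cannot be regained. */
    if (setregid(rgid, rgid) != 0)
        return -1;

    /* Never trust the call alone: confirm the drop actually happened. */
    if (getegid() != rgid || getgid() != rgid)
        return -1;

    return 0;
}

/* Execute a user-supplied command only after privileges are dropped.
 * Returns -1 without running anything if the drop fails, and -1 if
 * exec itself fails; on success it never returns. */
int run_unprivileged(char *const argv[])
{
    if (drop_group_privileges() != 0) {
        perror("dropping group privileges");
        return -1;
    }
    execvp(argv[0], argv);
    perror("execvp");
    return -1;
}

int main(int argc, char *argv[])
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s command [args...]\n", argv[0]);
        return 2;
    }
    /* Any work that needs the setgid group (e.g. creating a lock file
     * owned by group mail) belongs here, before the drop. */
    return run_unprivileged(argv + 1) == 0 ? 0 : 1;
}
```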

For the testing distribution (etch) this is fixed in version
1.5.3-1.1etch1.

For the unstable distribution (sid) this is fixed in version
1.5.3-2.

This upgrade is strongly recommended if you use maildrop.

The Debian testing security team does not track security issues for the
stable distribution (woody). If stable is vulnerable, the Debian security
team will make an announcement once a fix is ready.

Upgrade Instructions
--------------------

To use the Debian testing security archive, add the following lines to
your /etc/apt/sources.list:

  deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free
  deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free

The archive signing key can be downloaded from
http://secure-testing.debian.net/ziyi-2005-7.asc

To install the update, run this command as root:

  apt-get update && apt-get install maildrop

For further information about the Debian testing security team, please refer
to http://secure-testing.debian.net/
