Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Fwd: Re: [vchkpw] vpopmail <= 5.4.2 (sybase vulnerability) (fwd)]

from [Myron Davis] Network Security [Permanent Link]
Subject: [Fwd: Re: [vchkpw] vpopmail <= 5.4.2 (sybase vulnerability) (fwd)]
Date: Thu, 19 Aug 2004 09:25:04 -0800 (AKDT) 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------- Original Message ----------------------------
Subject: Re: [vchkpw] vpopmail <= 5.4.2 (sybase vulnerability) (fwd) From:
   "Tom Collins" <tom@tomlogic.com>
Date:    Thu, August 19, 2004 9:12 am
To:      vchkpw@inter7.com
Cc:      Jérôme ATHIAS <jerome.athias@caramail.com>
- --------------------------------------------------------------------------

On Aug 19, 2004, at 7:37 AM, Chris Ess wrote:

I don't know if this is even relevant anymore (i.e. has been fixed) but

this showed up on bugtraq yesterday.  Figured I should pass it along,
just

in case.

Sincerely,


Chris Ess
System Administrator / CDTT (Certified Duct Tape Technician)

---------- Forwarded message ----------
Date: 17 Aug 2004 10:44:52 -0000
From: Jérôme ATHIAS <jerome.athias@caramail.com>
To: bugtraq@securityfocus.com
Subject: vpopmail <= 5.4.2 (sybase vulnerability)

Bug: format string and buffer overflow (sybase)
Product: vpopmail <= 5.4.2 (sybase vulnerability)
Author: Werro [werro@list.ru]
Realease Date : 12/08/04
Risk: Low
Vendor status: Vendor is in a big shit :)
Reference: http://web-hack.ru/unl0ck/advisories/


Overview:
vpopmail is a set of programs for creating and managing
multiple virtual domains on a qmail server.

Details:
Bugs were founded in SyBase. In vsybase.c file.


Thanks for sending this.  I started addressing the SQL injection
vulnerabilities last March with code that made it into the 5.5.0
development release.  That code flowed into the 5.4.6 release on June
30th.  I had marked that release as "development" instead of "stable",
but it's in use by many sites in production, so I'll switch it over to
"stable" today.

Vpopmail sites using any SQL backend (i.e., non-cdb sites) should  upgrade
to the 5.4.6 release to close off the SQL injection
vulnerabilities in previous releases.  The vulnerabilities made it
possible for a remote attacker to insert additional SQL commands into
data passed into POP/IMAP login, SMTP AUTH, or a QmailAdmin login.

The possible buffer overflow is in the code for adding a user, so it
would only be exploitable by an admin.  Even so, I've fixed the problem
in CVS and the change will be in the next stable release.  I've also
contacted the publisher of the original report (but have not posted a
followup to bugtraq since I'm not a subscriber).

- --
Tom Collins  -  tom@tomlogic.com
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBJOJvifbfg5b2FvURArfuAKChGxJC/K5gWkorKGA6kU1iye/qhwCg9OBr
6qX5CnU/POp+P1NWqTxKrkM=
=+mS5
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Fwd: Re: [vchkpw] vpopmail <= 5.4.2 (sybase vulnerability) (fwd)], Myron Davis <=
Previous by Date:  Re: SHA-0 Broken, MD5 Rumored Broken, stanislav shalunov
Next by Date:  BadBlue Webserver v2.5 Denial Of Service Vulnerability, GulfTech Security
Previous by Thread:  Buffer overflow in sarad, Matthias Bethke
Next by Thread:  BadBlue Webserver v2.5 Denial Of Service Vulnerability, GulfTech Security
Indexes:  [Date] [Thread] [Top] [All Lists]