Bug 198344
Summary: | CVE-2006-2941 Mailman DoS | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Mark J. Cox <mjc> |
Component: | mailman | Assignee: | Harald Hoyer <harald> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4.0 | CC: | dkovalsk, security-response-team |
Target Milestone: | --- | Keywords: | Reopened, Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | reported=20060711,source=vendorsec,impact=moderate,public=20060904 | ||
Fixed In Version: | RHSA-2006-0600 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-09-06 19:52:53 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Mark J. Cox
2006-07-11 09:37:45 UTC
Created attachment 132224 [details]
Proposed patch from Ubuntu
embargo 20060718 1400 UTC Embargo may be extended by request of Barry Warsaw. Please don't open this bug at this time. Ok, wrote some test cases. RHEL3 and RHEL4 are _NOT_ vulnerable, cause python-2.3.4-14 has a email/Message.py which does not backtrace with strange filenames. RHEL3's python-2.2.3-5 also does not backtrace.. mailman from RHEL2.1 does not save attachements and does not parse any mime message headers. RHSA-2006:0600 is free for other things... sorry about the false alarm. I just checked, if the patch would apply. ok, now I have a better testcase... :-/ traceback.. Created attachment 132821 [details]
test case for traceback of pythons email.Message.get_filename()
Created attachment 133066 [details] test case for CVE-2006-2941 public, removing embargo http://sourceforge.net/project/shownotes.php?group_id=103&release_id=444295 http://secunia.com/advisories/21732 An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0600.html |