Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [month] [year] [list] 
Date: Thu, 11 Sep 2008 11:25:10 +0200
From: Robert Buchholz <rbu@...too.org>
To: oss-security@...ts.openwall.com
Subject: Re: ssmtp =2.62 unitialized memory disclosure

On Tuesday 09 September 2008, Robert Buchholz wrote:
> Hi,
>
> Maurice van der Pot of Gentoo reported a bug in ssmtp 2.62:
> The from_format() function in ssmtp.c will call strdup() on an
> unitialized memory if the user's gecos is unset and
> "FromLineOverride" is disabled in the configuration. This might
> disclose memory contents by sending them off in the the "From:" field
> of an email or cause a (client) crash.
>
> We're handling this as bug 234391 [ https://bugs.gentoo.org/234391 ].
> Patch: https://bugs.gentoo.org/attachment.cgi?id=165005
>
> ssmtp 2.61 is not affected.

As Tomas Hoger pointed out on IRC, 2.61 is affected as well -- I 
accidently checked our patched sources and not the vanilla tarball.
We added a patch to 2.61 in 2006, and accidently dropped it when bumping 
to 2.62.
Back then, this was bug 127592 [ https://bugs.gentoo.org/127592 ].

Thanks,
Robert

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux Powered by OpenVZ Bookmark and Share