Rob Brown Net-Server Perl Module Logging Function Format String Vulnerability
BID:13193
Info
| Bugtraq ID: | 13193 |
| Class: | Input Validation Error |
| CVE: | CVE-2005-1127 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Apr 15 2005 12:00AM |
| Updated: | Sep 05 2006 08:28PM |
| Credit: | Discovery of the issue in Postgrey is credited to Stefan Schmidt. "Dr. Peter Bieringer" <[email protected]> discovered the issue in Net-Server, with assistance from David Schweikert and Stefan Schmidt. |
| Vulnerable: | Rob Brown Net-Server 0.84, 0.85, 0.86, 0.87; Postgrey 1.16, 1.17, 1.18, 1.21; Debian Linux 3.1 and its alpha, amd64, arm, hppa, ia-32, ia-64, m68k, mips, mipsel, ppc, s/390 and sparc builds; Gentoo Linux; MandrakeSoft Corporate Server 3.0 and 3.0 x86_64; S.u.S.E. Linux Personal 8.2, 9.0, 9.0 x86_64, 9.1, 9.1 x86_64, 9.2, 9.2 x86_64, 9.3; SuSE Linux 1.0, 2.0, 3.0, 4.0, 4.2, 4.3, 4.4, 4.4.1, 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 6.1 alpha, 6.2, 6.3, 6.3 alpha, 6.3 ppc, 6.4, 6.4 alpha, 6.4 i386, 6.4 ppc, 7.0, 7.0 alpha, 7.0 i386, 7.0 ppc, 7.0 sparc, 7.1, 7.1 alpha, 7.1 ppc, 7.1 sparc, 7.1 x86, 7.2, 7.2 i386, 7.3, 7.3 i386, 7.3 ppc, 7.3 sparc, 8.0, 8.0 i386, 8.1 |
| Not Vulnerable: | |
Discussion
The Net::Server Perl module is prone to a remote format-string vulnerability. The issue resides in the 'log' subroutine of 'Server.pm': the message handed to it is used as a printf-style format string rather than treated as literal text, so any '%' directives in the message are interpreted.
Any application that calls 'log' with data taken from a network request is exposed. Postgrey, which logs attributes supplied by SMTP clients, is the application in which the issue was found.
A successful attack may crash the server; the advisory also lists arbitrary code execution as a possible outcome, which could facilitate unauthorized access or privilege escalation in the context of the server process.
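The unsafe and safe ways of calling a syslog-style logger, as an added example that is not code from Net::Server or Postgrey. `log_msg` is a hypothetical stand-in for a log method that, like Sys::Syslog's syslog(), treats the first argument after the level as a printf-style format for the remaining arguments; the client name is constructed input of the kind a greylisting daemon receives from a remote peer.

```perl
#!/usr/bin/perl
# Added example (not Net::Server's or Postgrey's own code): a minimal stand-in
# for a syslog-style log($level, $format, @args) method, called the unsafe way
# and the safe way with constructed attacker-controlled input.
use strict;
use warnings;

# Hypothetical logger. Like Sys::Syslog::syslog(), it treats the first
# argument after the level as a printf-style format for the rest.
sub log_msg {
    my ($level, $fmt, @args) = @_;
    my $line = sprintf($fmt, @args);   # $fmt decides how @args is consumed
    return "[level $level] $line";
}

# Constructed input as a daemon might receive it from a client: a hostname
# that carries format directives.
my $client_name = 'mx.example.test %s %s %x %n';

# UNSAFE: the caller interpolates the untrusted value into the message and
# passes the result as the format. "%s" and "%x" consume arguments that were
# never supplied, and "%n" tries to write a character count into an argument
# that does not exist, which makes sprintf die; without the eval the daemon
# would exit.
my $unsafe = eval { log_msg(2, "connection from $client_name") };
print defined $unsafe ? "unsafe call returned: $unsafe\n"
                      : "unsafe call died: $@";

# SAFE: a constant format, the untrusted value only ever an argument.
# "%s" copies it verbatim; the directives inside it are never interpreted.
print log_msg(2, 'connection from %s', $client_name), "\n";

# Guard for call sites where the format cannot be made constant: neutralize
# every '%' in untrusted text before it reaches the logger.
(my $escaped = $client_name) =~ s/%/%%/g;
print log_msg(2, "connection from $escaped"), "\n";
```

Run it with perl: the first call dies inside the eval (the exact message depends on the Perl version), which is the crash the advisory describes for a daemon whose logging is not wrapped in an eval; the other two calls print the hostname, directives included, as plain text. To find exposed call sites in code built on Net::Server, look for calls to `log` whose message is assembled by interpolation or concatenation from request data instead of being passed behind a constant format.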
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Solution:
Please see the referenced advisories for more information.
Rob Brown Net-Server 0.85
- Mandriva perl-Net-Server-0.85-3.1.C30mdk.noarch.rpm (Corporate 3.0): http://wwwnew.mandriva.com/en/downloads/
Rob Brown Net-Server 0.87
- Debian libnet-server-perl_0.87-3sarge1_all.deb (Debian GNU/Linux 3.1 alias sarge): http://security.debian.org/pool/updates/main/libn/libnet-server-perl/libnet-server-perl_0.87-3sarge1_all.deb
Postgrey Postgrey 1.16, 1.17, 1.18
- Postgrey postgrey-1.21.tar.gz: http://isg.ee.ethz.ch/tools/postgrey/pub/postgrey-1.21.tar.gz
Postgrey Postgrey 1.21
- Debian postgrey_1.21-1sarge1_all.deb (Debian GNU/Linux 3.1 alias sarge): http://security.debian.org/pool/updates/main/p/postgrey/postgrey_1.21-1sarge1_all.deb
References
References:
- Net::Server Home (Net::Server)
- Postgrey Homepage (Postgrey)