remote cyrus exploits?
Derrick J Brashear
shadow at dementia.org
Tue Nov 23 02:20:11 EST 2004
On Mon, 22 Nov 2004, David Powicki wrote:
>
> What's the word on susceptibility of versions based on the remote
> vulnerability documented at:
>
> http://security.e-matters.de/advisories/152004.html
>
> Are ALL versions of cyrus pre-2.2.9 vulnerable, including 2.1.X?
If you read the report at the URL he summarizes which versions have which
bugs. The PARTIAL and FETCH bugs are there earlier, including in 2.1.x.
Both of these are "one byte memory corruption" ... "allows remote code
execution, when the heap layout was successfully controlled by the
attacker." Heap attacks are more difficult than the usual stack overflow
attacks, but it would be smart to upgrade. The relevant portions of the
patch between 2.2.8 and 2.2.9 can be applied (most likely by hand) to
2.1.x.
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list