Bug 42999 (CVE-2003-0581)

Summary: VUL-0: CVE-2003-0581: xfstt: remote denial-of-service and possible code exec
Product: [Novell Products] SUSE Security Incidents
Reporter: Thomas Biege <thomas>
Component: Incidents
Assignee: Vladimir Nadvornik <nadvornik>
Status: VERIFIED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P3 - Medium
CC: security-team
Version: unspecified
Target Milestone: ---
Hardware: All
OS: Linux
Whiteboard: CVE-2003-0581: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Attachments: patchinfo, putonftp, patch

Description Thomas Biege 2003-07-17 15:57:52 UTC
Hi, 
this one was sent to Bugtraq-ML: 
http://www.securityfocus.com/archive/1/329174 
 
Can you check if it affects us, please.
Comment 2 Stefan Dirsch 2003-07-17 16:37:35 UTC
xfstt is dropped since SuSE 8.1. I don't know if we're affected on SuSE <= 
8.0. Assigned to maintainer ... 
Comment 3 Vladimir Nadvornik 2003-07-17 17:23:51 UTC
Yes, we are affected. 
Comment 4 Thomas Biege 2003-07-17 18:29:24 UTC
Created attachment 13131
patchinfo
Comment 5 Thomas Biege 2003-07-17 18:30:25 UTC
Created attachment 13132
putonftp
Comment 6 Thomas Biege 2003-07-17 18:31:19 UTC
Ok, so we need a sec. update for 7.1 - 8.0. 
I attached the p&p files and will create the "Laufzettel". 
Comment 7 Vladimir Nadvornik 2003-07-17 19:08:40 UTC
The patch is not available. Is it ok to wait for it? 
Comment 8 Thomas Biege 2003-07-17 20:07:15 UTC
Hm, I looked at the CVS code. The fix seems even to be unavailable there. 
Fixing it on my own may take more than just a few minutes, so I think we should 
wait for the final patch from the author. 
Should I contact the author or will you do it? 
Comment 9 Vladimir Nadvornik 2003-07-17 22:13:55 UTC
Please contact him, thanks. 
Comment 10 Thomas Biege 2003-07-17 23:36:00 UTC
maintainer contacted 
Comment 11 Thomas Biege 2003-08-04 17:46:48 UTC
no answer so far. :( 
Comment 12 Thomas Biege 2003-08-04 22:12:23 UTC
Created attachment 13320
patch

cvs diff -u -r 1.12 -r 1.14 src/xfstt.cc > xfstt.cc.diff
Comment 13 Thomas Biege 2003-08-04 22:13:26 UTC
checked their cvs: 
thomas@wotan:~/tmp/xfstt> cvs log src/xfstt.cc 
 
RCS file: /cvsroot/xfstt/xfstt/src/xfstt.cc,v 
Working file: src/xfstt.cc 
head: 1.14 
branch: 
locks: strict 
access list: 
symbolic names: 
        xfstt-1_5_1: 1.14 
        xfstt-1_5: 1.13 
        xfstt-1_4: 1.1.1.1 
        xfstt: 1.1.1 
keyword substitution: kv 
total revisions: 15;    selected revisions: 15 
description: 
---------------------------- 
revision 1.14 
date: 2003/07/31 06:27:29;  author: guillem;  state: Exp;  lines: +9 -2 
Check for proper byteorder magic in connection handshake (bugtraq id 8255). 
Reorder debugging output. 
---------------------------- 
revision 1.13 
date: 2003/07/29 04:04:45;  author: guillem;  state: Exp;  lines: +79 -29 
Fixed multiple buffer overflows in the network packet handling: CAN-2003-0581. 
---------------------------- 
[...] 
 
Bug seems to be fixed. 
Comment 14 Vladimir Nadvornik 2003-08-05 16:50:01 UTC
patched packages submitted. 
Comment 15 Thomas Biege 2003-08-12 21:33:44 UTC
approved 
Comment 16 Thomas Biege 2009-10-13 19:37:55 UTC
CVE-2003-0581: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)