Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > October 2006 > Three Debian Security Advisories

October 2006

Three Debian Security Advisories

ID: 00686
Ref: 658/2006
Date: 06 October 2006:14:30:40
Version: 1
Title: Three Debian Security Advisories
Abstract:
Vendors affected: Debian
Operating systems affected: Debian
Applications affected: Debian
Title
=====

Three Debian Security Advisories:

1. DSA 1189-1 - New openssh-krb5 packages fix denial of service and potential
execution of arbitrary code

2. DSA 1190-1 - New maxdb-7.5.00 packages fix execution of arbitrary code

3. DSA 1191-1 - New Mozilla Thunderbird packages fix several vulnerabilities

Detail
======

1. Several remote vulnerabilities have been discovered in OpenSSH, a free
implementation of the Secure Shell protocol, which may lead to denial of
service and potentially the execution of arbitrary code.

2. Oliver Karow discovered that the WebDBM frontend of the MaxDB database
performs insufficient sanitising of requests passed to it, which might
lead to the execution of arbitrary code.

3. Several security related problems have been discovered in Mozilla and
derived products such as Mozilla Thunderbird. The





1.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1189-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
October 4th, 2006 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : openssh-krb5
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-4924 CVE-2006-5051

Several remote vulnerabilities have been discovered in OpenSSH, a free
implementation of the Secure Shell protocol, which may lead to denial of
service and potentially the execution of arbitrary code. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2006-4924

Tavis Ormandy of the Google Security Team discovered a denial of
service vulnerability in the mitigation code against complexity
attacks, which might lead to increased CPU consumption until a
timeout is triggered. This is only exploitable if support for
SSH protocol version 1 is enabled.

CVE-2006-5051

Mark Dowd discovered that insecure signal handler usage could
potentially lead to execution of arbitrary code through a double
free. The Debian Security Team doesn't believe the general openssh
package without Kerberos support to be exploitable by this issue.
However, due to the complexity of the underlying code we will
issue an update to rule out all eventualities.

For the stable distribution (sarge) these problems have been fixed in
version 3.8.1p1-7sarge1.

For the unstable distribution (sid) these problems have been fixed in
version 4.3p2-4 of openssh. openssh-krb5 will soon be converted towards
a transitional package against openssh.

We recommend that you upgrade your openssh-krb5 packages.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.8.1p1-7sarge1.dsc
Size/MD5 checksum: 693 d0a8ac5b868c5f84fd372c9ef597f3a6
http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.8.1p1-7sarge1.diff.gz
Size/MD5 checksum: 167076 1fcdbc92c7a0992711b2dc67b9923ba7
http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.8.1p1.orig.tar.gz
Size/MD5 checksum: 795948 9ce6f2fa5b2931ce2c4c25f3af9ad50d

Alpha architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_alpha.deb
Size/MD5 checksum: 909896 44611f5a619acf0bccdeb366d76f39c5

AMD64 architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_amd64.deb
Size/MD5 checksum: 773658 dc8335560cead18af3fa4eb52911af92

ARM architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_arm.deb
Size/MD5 checksum: 689752 18e79d4e27c0ec313147e0951ef6082a

HP Precision architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_hppa.deb
Size/MD5 checksum: 780142 5e692daa057c38f1fa1f0f877824e991

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_i386.deb
Size/MD5 checksum: 706910 a4eda3cc320f77d2dc1065976086c31f

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_ia64.deb
Size/MD5 checksum: 1004916 91f89e80f1a27f942bd5fe9e7ae2ba3e

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_m68k.deb
Size/MD5 checksum: 651232 8f41b159434ef7bf3187cd4954e816cc

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_mips.deb
Size/MD5 checksum: 790716 cbc586aa73bcf295cd61f1c09e8015d8

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_mipsel.deb
Size/MD5 checksum: 793644 3364603438fceb21bffdd3efb4887e0e

PowerPC architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_powerpc.deb
Size/MD5 checksum: 757954 ddb9cbba0e84f84da8e60fcbcbaddbae

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_s390.deb
Size/MD5 checksum: 771520 2148d40fa59dc98b94ac6a03ed2c444f

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_sparc.deb
Size/MD5 checksum: 694800 9c059e2e4ba232774a522da0a2757f06


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFJAvbXm3vHE4uyloRAmqoAKChy0vZr6GVMubikUiysDHN7npstQCdF3dp
EYGwpqy2OkwF4WxfJwJX3zs=
=SWgg
- -----END PGP SIGNATURE-----




2.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1XXX-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
October 4th, 2006 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : maxdb-7.5.00
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-4305
Debian Bug : 386182

Oliver Karow discovered that the WebDBM frontend of the MaxDB database
performs insufficient sanitising of requests passed to it, which might
lead to the execution of arbitrary code.

For the stable distribution (sarge) this problem has been fixed in
version 7.5.00.24-4.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your maxdb-7.5.00 package.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-7.5.00_7.5.00.24-4.dsc
Size/MD5 checksum: 1141 2747ee99a22fd9b6ba0ee9229cf23956
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-7.5.00_7.5.00.24-4.diff.gz
Size/MD5 checksum: 102502 b00c857a9956eed998e17a155d692d8b
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-7.5.00_7.5.00.24.orig.tar.gz
Size/MD5 checksum: 16135296 4d581530145c30a46ef7a434573f3beb

AMD64 architecture:

http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqldbc7.5.00_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 681616 b4bf816d096fc5cf147e530979de8c2a
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqldbc7.5.00-dev_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 835926 0c6f2a9e4d8c945937afd044e15ff688
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqlod7.5.00_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 602828 f1ff9957fd7713422f589e2b5ce878e1
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqlod7.5.00-dev_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 110542 d1b0ad84bba2fbf2e1fc66870d217c1a
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-dbanalyzer_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 879638 6c14c3e14f8a3d311b753da8059e8718
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-dbmcli_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 1002292 249bf89f7f2b342fc23bb230c87ce0d2
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-loadercli_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 1924254 fedf03c8551d3c89fdcf9bd381ce25a9
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-lserver_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 1861026 7cd7e22627438e425fc014d5c0689882
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-server_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 2815606 12eca89b6c94a93f0805a3be61f053f5
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-server-7.5.00_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 11762902 9543cd40e9dd2bd31668dc34bdde714b
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-server-dbg-7.5.00_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 5454626 1a9e3e48fe5e5d0088e896ca1e2c535a
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-sqlcli_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 125258 cbc85c2295d40664794d8dea7fdefe36
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-webtools_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 2469898 7cf201e9a125267ab012196a6515b4bd
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python-maxdb_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 57530 cc1d8ba42c0213d233ecb07855733fab
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python-maxdb-loader_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 52896 2623c86e1e8c104a7b6e534283f92d88
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.3-maxdb_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 388490 dc2719125122fc8c9d74cf621db8a159
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.3-maxdb-loader_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 195236 edff932c86a91803ac12fa12afdffe80
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.4-maxdb_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 388500 7e4f4d52029cffb09b4dec330be23f9f
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.4-maxdb-loader_7.5.00.24-4_amd64.deb
Size/MD5 checksum: 195262 579c30388c18177e6a59fdb5b7a228ce

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqldbc7.5.00_7.5.00.24-4_i386.deb
Size/MD5 checksum: 724428 7f3da03ea2e15ec1906a17a844a8de71
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqldbc7.5.00-dev_7.5.00.24-4_i386.deb
Size/MD5 checksum: 884322 f87be31d0c3ccc25826a8adbb90c0fd8
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqlod7.5.00_7.5.00.24-4_i386.deb
Size/MD5 checksum: 662674 b768894d4d0613c7a78561ec3c63a736
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqlod7.5.00-dev_7.5.00.24-4_i386.deb
Size/MD5 checksum: 113500 0762412421cc8bba7920cd3e5c7ba912
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-dbanalyzer_7.5.00.24-4_i386.deb
Size/MD5 checksum: 959610 05077a4995b6f30736dd031f650fc8bb
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-dbmcli_7.5.00.24-4_i386.deb
Size/MD5 checksum: 1151380 f5952dd48f3c289d59c59869a7910675
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-loadercli_7.5.00.24-4_i386.deb
Size/MD5 checksum: 2074392 198c3e94e284f312acb8a60680fb3dac
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-lserver_7.5.00.24-4_i386.deb
Size/MD5 checksum: 1998244 e85b595329b9d3ee86abca690ae8205f
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-server_7.5.00.24-4_i386.deb
Size/MD5 checksum: 3087456 3ba8dc9c84e7e0d65e07b8d1f469adcd
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-server-7.5.00_7.5.00.24-4_i386.deb
Size/MD5 checksum: 13245168 5bcd0e38d550518e611a510d338a3bd8
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-server-dbg-7.5.00_7.5.00.24-4_i386.deb
Size/MD5 checksum: 6269766 b747c1d1155a6512266a1ce3e52a6ce1
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-sqlcli_7.5.00.24-4_i386.deb
Size/MD5 checksum: 132864 f0c46a30fd72b4a29e93b9b75042c6a8
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-webtools_7.5.00.24-4_i386.deb
Size/MD5 checksum: 2619482 9b66168b5b70efbd69c16a06e2de734d
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python-maxdb_7.5.00.24-4_i386.deb
Size/MD5 checksum: 57534 7d4cb5ef1fa3bf65d79b590023cdc1db
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python-maxdb-loader_7.5.00.24-4_i386.deb
Size/MD5 checksum: 52902 61f35976dd90a9e461dfceea5430fa1e
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.3-maxdb_7.5.00.24-4_i386.deb
Size/MD5 checksum: 411124 79212c1b66ae516b5404f4d1bb314dc6
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.3-maxdb-loader_7.5.00.24-4_i386.deb
Size/MD5 checksum: 204636 ae693e5ef1041afef92f11fa81314dfe
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.4-maxdb_7.5.00.24-4_i386.deb
Size/MD5 checksum: 411094 3974583dbdfb586097274e4aaddf376b
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.4-maxdb-loader_7.5.00.24-4_i386.deb
Size/MD5 checksum: 204620 c2f00a1d54744ed51c547e681595f537

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqldbc7.5.00_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 928300 8f9b50424dae7723c38aac9e0c9a52ab
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqldbc7.5.00-dev_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 1057976 d1127e1ab07ac2a3bc485f040fb0339c
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqlod7.5.00_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 911096 4b2d26b87f9e8abe2a8cabb5f5a3dc38
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/libsqlod7.5.00-dev_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 125196 c590b2aeb6e773afc78b234880679d0b
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-dbanalyzer_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 1157550 bc505370fe0b635ed20241dcec297922
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-dbmcli_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 1457434 239d74377e81b0d4cceed7e1c99553a5
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-loadercli_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 2340496 2f32566da56fcaed5a889f29b2df2ae1
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-lserver_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 2253224 b49a58cd8ad452633f57c0d4c2bb7ccc
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-server_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 4126188 db0b224332c029575c85ec3b4af7055f
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-server-7.5.00_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 16985506 7634c5b20bbed0b559c5a30a70abcff1
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-server-dbg-7.5.00_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 8270364 76ac234b9524ec827443e44270b10a7d
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-sqlcli_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 172092 c89208be8d296c2a188b52b60e42ff1c
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/maxdb-webtools_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 3018916 de87cf29f90c5b6e08698411c6ee6366
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python-maxdb_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 57530 67e6ce8dfb5282aed0aaf8c0d2e3dfba
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python-maxdb-loader_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 52898 00f142490fbc22408ef5347abf228baa
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.3-maxdb_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 512998 f38b9df396ef132650ddbd151780f5ce
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.3-maxdb-loader_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 247500 d014a66017bbabc285f0bb42df85a71e
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.4-maxdb_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 513000 244752450b149746ec25fbbb67037d9e
http://security.debian.org/pool/updates/main/m/maxdb-7.5.00/python2.4-maxdb-loader_7.5.00.24-4_ia64.deb
Size/MD5 checksum: 247500 06b34ba0ab20719baf4c44a828de0436


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFJA4bXm3vHE4uyloRAvJaAKCmoL1XOehnfuEcQZz7K+pSB5EsmgCg0znT
uUwjk8wo+yxSwouQPhCPxBo=
=54an
- -----END PGP SIGNATURE-----



3.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1191-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
October 5th, 2006 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : mozilla-thunderbird
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2006-2788 CVE-2006-4340 CVE-2006-4565 CVE-2006-4566
CVE-2006-4568 CVE-2006-4570 CVE-2006-4571
BugTraq ID : 20042

Several security related problems have been discovered in Mozilla and
derived products such as Mozilla Thunderbird. The Common
Vulnerabilities and Exposures project identifies the following
vulnerabilities:

CVE-2006-2788

Fernando Ribeiro discovered that a vulnerability in the getRawDER
functionallows remote attackers to cause a denial of service
(hang) and possibly execute arbitrary code.

CVE-2006-4340

Daniel Bleichenbacher recently described an implementation error
in RSA signature verification that cause the application to
incorrectly trust SSL certificates.

CVE-2006-4565, CVE-2006-4566

Priit Laes reported that that a JavaScript regular expression can
trigger a heap-based buffer overflow which allows remote attackers
to cause a denial of service and possibly execute arbitrary code.

CVE-2006-4568

A vulnerability has been discovered that allows remote attackers
to bypass the security model and inject content into the sub-frame
of another site.

CVE-2006-4570

Georgi Guninski demonstrated that even with JavaScript disabled in
mail (the default) an attacker can still execute JavaScript when a
mail message is viewed, replied to, or forwarded.

CVE-2006-4571

Multiple unspecified vulnerabilities in Firefox, Thunderbird and
SeaMonkey allow remote attackers to cause a denial of service,
corrupt memory, and possibly execute arbitrary code.

For the stable distribution (sarge) these problems have been fixed in
version 1.0.2-2.sarge1.0.8c.1.

For the unstable distribution (sid) these problems have been fixed in
version 1.5.0.7-1.

We recommend that you upgrade your Mozilla Thunderbird packages.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.dsc
Size/MD5 checksum: 1003 d7261fba347b9876e873f1d424e60190
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.diff.gz
Size/MD5 checksum: 519315 066ed351050722c36274e3e837fd174f
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2.orig.tar.gz
Size/MD5 checksum: 33288906 806175393a226670aa66060452d31df4

Alpha architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 12855288 285e55a20445ea5dffe79de01baf788c
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 3280106 0206d9fe08e3da2d4bf919c6b2b54ec7
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 152092 c5c984f0f11f94cb263f5bbef367de09
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 33520 ed7e6d825f630da666e07914527f2c75
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 89492 1e9ed565915dc4327e444ad999cc5daa

AMD64 architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 12258904 f40f86252184ce7360b2b9d1e58cef8f
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 3281164 e4e2160d22d4721508f1762804b3b18b
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 151124 a72d17f827929c9189f9ba96ff73c7a1
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 33512 bbe0fe4a7e56a138c220790ab9de97a6
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 89350 f2b7e1d1d4eb5f1abb2522ddbdb46ff5

ARM architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 10345146 4c171699433072d443eb7b35a2550fd2
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 3272118 a52ad3d2cd1806e936374537e135d7db
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 143266 9dedbe9b5f45727a93cfccb5c99bf371
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 33522 14d1c0d0af46731075ea7c35c2900258
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 81318 81219b4c82896fab12427e42df1b2760

HP Precision architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 13570024 3a62ee11075402dfad030e2ede937191
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 3285124 e9cadee2d32b2bcb56b1278043e97da4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 153296 3fecaa707002afb1ba6854da724ad132
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 33520 83e537b9aff4d44fd958043298a1d7f2
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 97390 c3ceeedcf00d99d34c7b5f424da7da63

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 11568436 af1de65bd715970c4432149aec80b2a2
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 3507870 5dab89db24f1443fe782dc931f4ee0af
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 146732 bc52082cd1ab0f026c401204cd63b4a7
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 33518 5d3c9700cce7b9c0261c246ed7b8afd4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 88084 e244c9c8b7224814774bef13f4213d4e

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 14628630 07bfcc171f449b86b9d62f903e29d506
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 3291260 d7186841974796f8f90be26700801a95
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 155452 e17eb664e56fcc0809dd36580f92cc1a
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 33514 fc890529fdea5526a05ffd16b96f5956
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 107220 eb93528d586b050ecc3b60742b4fa344

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 10794842 fa716b92e3c7a9d67fad6fd453c78bb4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 3271690 d95eb910dd6d38de41c17fcb6b1c4696
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 145054 2b7570676e15cea809905c442f91b5e0
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 33550 3db6c520d1c489fb4e17501d19dececf
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 82556 32d25c11844a48ed963e3c5c51ff34fc

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 11948708 4f58ce9668da6a12b823edaa3c8b35b3
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 3279410 e639b2bf43eda95d3ca3bb0b9aec6df7
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 148042 cb6ee4a9bd4dec3166e48e356b9c3465
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 33524 2765555b00f4ed717b34e98c5c0d9c02
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 84748 0e934e90bb6bd47c7500fd665728ba27

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 11817078 4239077894c74444d33063229dd847df
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 3280416 ac165850436e63818da8fffe134628d1
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 147600 ae6d7ff1b34dddab3d0c18d6e38bc77b
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 33518 27bed1b95a4e34a291c7e67c6a9fdd37
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 84650 173fefc8b58b15398b3cccad2c812495

PowerPC architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 10912494 d13ec5b97f5fde0795e5f762330756f6
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 3270108 dbd7eb3154db4a379fcfcda6b7d414b9
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 145048 b9ab45845f58fb064d7d1ae449481db9
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 33526 b5e07e26d215581b4cc0fea6d71beaf3
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 81478 b57b8038afbfd5490a6cf847e740ab60

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 12705708 68195861caccd07a18a379ffe2e88403
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 3280614 38dec996622a4e1762a1ef683bba9c43
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 151436 b54ba7420653e63746d019b979f3ae76
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 33516 e24dafe27c103a8d40de9a905b052311
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 89290 9daa1eb634834e02aefde0a594bcd0f9

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 11181284 adedd4c6302ddb868a531810d226143a
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 3275816 c38922ec47674939277e6984f87c0eb4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 144702 9183a627463aa564a0313d4d361d22f3
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 33528 5f87736faa9ee0a9b10e29c48280798a
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 83122 72966880dc02a1b472dcac7b1404fa58


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFJNsFW5ql+IAeqTIRAgeZAJ0dYXyy9QKfcADcFekhEP7n0hfqeACgpro4
H5iKBfGUezJNoEbseNfM8+Q=
=Dv+0
- -----END PGP SIGNATURE-----
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |