Debian Security Advisory
DSA-1914-1 mapserver -- several vulnerabilities
- Date reported: 2009-10-22
- Affected packages: mapserver
- Vulnerable: Yes
- Security database references: In Mitre's CVE dictionary: CVE-2009-0843, CVE-2009-0842, CVE-2009-0841, CVE-2009-0840, CVE-2009-0839, CVE-2009-2281.
- More information:
Several vulnerabilities have been discovered in mapserver, a CGI-based web framework for publishing spatial data and interactive map applications. The Common Vulnerabilities and Exposures project identifies the following problems:
- CVE-2009-0843
Missing input validation of a user-supplied map query name can be used by an attacker to check whether a file exists, by passing it in the GET parameter and examining differences in the error messages.
- CVE-2009-0842
Missing file type verification when parsing a map file can lead to partial disclosure of the content of arbitrary files through the parser's error messages.
- CVE-2009-0841
Due to missing input validation when saving maps under certain circumstances, it is possible to perform directory traversal attacks and create arbitrary files. Note: unless the attacker is able to create directories in the image path, or a readable directory already exists there, this does not affect installations on Linux, since the fopen() call will fail if a sub-path is not readable.
- CVE-2009-0839
It was discovered that mapserver is vulnerable to a stack-based buffer overflow when processing certain GET parameters. An attacker can use this to execute arbitrary code on the server by means of specially crafted id parameters.
- CVE-2009-0840
An integer overflow leading to a heap-based buffer overflow when processing the Content-Length header of an HTTP request can be used by an attacker to execute arbitrary code by means of specially crafted POST requests containing negative Content-Length values.
- CVE-2009-2281
An integer overflow when processing HTTP requests can lead to a heap-based buffer overflow. An attacker can use this to execute arbitrary code, by means of either specially crafted Content-Length values or large HTTP requests. This is partly due to an incomplete fix for CVE-2009-0840.
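The two Content-Length issues above (CVE-2009-0840 and CVE-2009-2281) are, at root, a length taken from the request and used in size arithmetic before it was range-checked. The following is an added example, not MapServer or Debian code, of how a request parser should treat that header: reject signed, non-numeric, overflowing and oversized values before any "length + 1" arithmetic or allocation takes place. The MAX_BODY_BYTES limit and the function names are assumptions for this illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Policy limit on an acceptable request body (assumed value, not MapServer's). */
#define MAX_BODY_BYTES (64UL * 1024UL * 1024UL)

/* Parse a Content-Length header value into a bounded size_t. Returns 0 on success,
 * -1 on rejection: empty input, any sign character (so "-1" can never become a
 * size), non-digit characters, numeric overflow, or a value above MAX_BODY_BYTES. */
int parse_content_length(const char *value, size_t *out)
{
    if (value == NULL || out == NULL) return -1;
    while (*value == ' ' || *value == '\t') value++;   /* optional leading whitespace */
    if (!isdigit((unsigned char)*value)) return -1;    /* rejects "", "-1", "+5", "abc" */
    errno = 0;
    char *end = NULL;
    unsigned long long n = strtoull(value, &end, 10);
    if (errno == ERANGE) return -1;                    /* did not fit in 64 bits */
    while (*end == ' ' || *end == '\t') end++;         /* optional trailing whitespace */
    if (*end != '\0') return -1;                       /* trailing junk such as "12abc" */
    if (n > MAX_BODY_BYTES) return -1;                 /* over the policy limit */
    *out = (size_t)n;
    return 0;
}

/* Allocate the body buffer only after validation, so "n + 1" cannot wrap and a
 * negative or huge header value never reaches the allocator. */
char *alloc_body(const char *content_length, size_t *len_out)
{
    size_t n;
    if (parse_content_length(content_length, &n) != 0) return NULL;
    char *buf = calloc(n + 1, 1);   /* n <= MAX_BODY_BYTES, so n + 1 is safe */
    if (buf != NULL) *len_out = n;
    return buf;
}

int main(void)
{
    /* Constructed sample header values, including the negative case from the advisory. */
    const char *samples[] = { "512", "-1", "99999999999999999999", "12abc", " 4096 " };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        size_t n;
        printf("%-22s -> %s\n", samples[i],
               parse_content_length(samples[i], &n) == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```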
For the old stable distribution (etch), these problems have been fixed in version 4.10.0-5.1+etch4.
For the stable distribution (lenny), these problems have been fixed in version 5.0.3-3+lenny4.
For the testing distribution (squeeze), these problems have been fixed in version 5.4.2-1.
For the unstable distribution (sid), these problems have been fixed in version 5.4.2-1.
We recommend that you upgrade your mapserver packages.
Fixed in:
Debian GNU/Linux 4.0 (etch)
- Source:
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver_4.10.0-5.1+etch4.dsc
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver_4.10.0.orig.tar.gz
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver_4.10.0-5.1+etch4.diff.gz
- Architecture-independent component:
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-doc_4.10.0-5.1+etch4_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_alpha.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_alpha.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_alpha.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_alpha.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_alpha.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_alpha.deb
- ARM:
- http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_arm.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_arm.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_arm.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_arm.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_arm.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_arm.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_i386.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_i386.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_i386.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_i386.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_i386.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_ia64.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_ia64.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_ia64.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_ia64.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_ia64.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_ia64.deb
- Little-endian MIPS:
- http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_s390.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_s390.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_s390.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_s390.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_s390.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch4_sparc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch4_sparc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch4_sparc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch4_sparc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch4_sparc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch4_sparc.deb
Debian GNU/Linux 5.0 (lenny)
- Source:
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver_5.0.3.orig.tar.gz
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver_5.0.3-3+lenny4.dsc
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver_5.0.3-3+lenny4.diff.gz
- Architecture-independent component:
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby_5.0.3-3+lenny4_all.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-doc_5.0.3-3+lenny4_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_alpha.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_alpha.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_alpha.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_alpha.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_alpha.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_alpha.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_alpha.deb
- ARM:
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_arm.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_arm.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_arm.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_arm.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_arm.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_arm.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_arm.deb
- ARM EABI:
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_armel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_armel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_armel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_armel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_armel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_armel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_armel.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_i386.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_i386.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_i386.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_i386.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_i386.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_i386.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_ia64.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_ia64.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_ia64.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_ia64.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_ia64.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_ia64.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_ia64.deb
- Big-endian MIPS:
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_mips.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_mips.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_mips.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_mips.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_mips.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_mips.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_mips.deb
- Little-endian MIPS:
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_powerpc.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.8_5.0.3-3+lenny4_sparc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_5.0.3-3+lenny4_sparc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/libmapscript-ruby1.9_5.0.3-3+lenny4_sparc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_5.0.3-3+lenny4_sparc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_5.0.3-3+lenny4_sparc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_5.0.3-3+lenny4_sparc.deb
- http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_5.0.3-3+lenny4_sparc.deb
MD5 checksums of these files are available in the original advisory.