Your message dated Wed, 25 Jan 2006 13:41:41 +0100 with message-id <[EMAIL PROTECTED]> and subject line Mailman UTF8 filename DoS attack solved in Sarge has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 11 Sep 2005 18:51:36 +0000
Message-ID: <[EMAIL PROTECTED]>
Date: Sun, 11 Sep 2005 14:50:02 -0400
From: Aliet Santiesteban Sifontes <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: DoS attack to a list in mailman using sarge due to improper handling of exception of utf8

Package: mailman
Version: 2.1.5-8
Severity: grave

Site running several lists. It seems that a specially formed message can
DoS a list due to improper handling of an exception; the lists stop
working. Here is the Mailman error; all messages then go to shunt:

Sep 11 13:34:35 2005 (12535) Uncaught runner exception: 'utf8' codec can't decode bytes in position 1-4: invalid data
Sep 11 13:34:35 2005 (12535) Traceback (most recent call last):
  File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 111, in _oneloop
    self._onefile(msg, msgdata)
  File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 167, in _onefile
    keepqueued = self._dispose(mlist, msg, msgdata)
  File "/usr/lib/mailman/Mailman/Queue/IncomingRunner.py", line 130, in _dispose
    more = self._dopipeline(mlist, msg, msgdata, pipeline)
  File "/usr/lib/mailman/Mailman/Queue/IncomingRunner.py", line 153, in _dopipeline
    sys.modules[modname].process(mlist, msg, msgdata)
  File "/var/lib/mailman/Mailman/Handlers/ToDigest.py", line 91, in process
    send_digests(mlist, mboxfp)
  File "/var/lib/mailman/Mailman/Handlers/ToDigest.py", line 132, in send_digests
    send_i18n_digests(mlist, mboxfp)
  File "/var/lib/mailman/Mailman/Handlers/ToDigest.py", line 306, in send_i18n_digests
    msg = scrubber(mlist, msg)
  File "/var/lib/mailman/Mailman/Handlers/Scrubber.py", line 265, in process
    url = save_attachment(mlist, part, dir)
  File "/var/lib/mailman/Mailman/Handlers/Scrubber.py", line 361, in save_attachment
    fnext = os.path.splitext(msg.get_filename(''))[1]
  File "/usr/lib/python2.3/email/Message.py", line 731, in get_filename
    return unicode(newvalue[2], newvalue[0] or 'us-ascii')
UnicodeDecodeError: 'utf8' codec can't decode bytes in position 1-4: invalid data

Sep 11 13:34:35 2005 (12535) SHUNTING: 1126458561.9029009+2ca02ecc54d36f4e0a88a7ab17fc28736bd23635

Any ideas?

---------------------------------------
Received: (at 339095-done) by bugs.debian.org; 25 Jan 2006 12:41:43 +0000
Date: Wed, 25 Jan 2006 13:41:41 +0100
From: Lionel Elie Mamane <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Mailman UTF8 filename DoS attack solved in Sarge
Message-ID: <[EMAIL PROTECTED]>

Version: 2.1.5-8sarge1

The DSA is out and the packages are available from
http://security.debian.org/ . Closing bug.
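
Added example (not part of the original report, Mailman's code or the Debian fix): a Python 3 illustration of the failure pattern in the last traceback frame, where an RFC 2231 filename* value is decoded strictly with the sender-declared charset, beside a tolerant variant. The helper names, the sample values and the toy digest model in deliver() are assumptions made for illustration.

```python
import os
import re
from urllib.parse import unquote_to_bytes

def split_ext_value(ext_value):
    """Split an RFC 2231 extended value: charset'language'percent-encoded."""
    charset, _, rest = ext_value.partition("'")
    _language, _, encoded = rest.partition("'")
    return charset or "us-ascii", unquote_to_bytes(encoded)

def filename_strict(ext_value):
    # Pattern of the last traceback frame: strict decode, sender-chosen charset.
    charset, raw = split_ext_value(ext_value)
    return raw.decode(charset)

def filename_tolerant(ext_value):
    # Hardened variant (an assumption, not the Debian patch): an unknown
    # charset or invalid bytes degrade to replacement characters.
    charset, raw = split_ext_value(ext_value)
    try:
        return raw.decode(charset)
    except (UnicodeDecodeError, LookupError):
        return raw.decode("ascii", "replace")

def safe_extension(name):
    # Only a short alphanumeric extension may reach the archive path.
    ext = os.path.splitext(name)[1]
    return ext if re.fullmatch(r"\.[A-Za-z0-9]{1,8}", ext) else ".bin"

def deliver(incoming, decoder):
    """Assumed model: each delivery re-scrubs the whole pending digest."""
    pending, shunted = [], []
    for value in incoming:
        pending.append(value)
        try:
            for queued in pending:
                safe_extension(decoder(queued))
        except Exception:  # logged as "Uncaught runner exception"
            shunted.append(value)
    return shunted

# Constructed filename* values in arrival order (not taken from the report).
SAMPLES = [
    "utf-8''r%C3%A9sum%C3%A9.pdf",  # valid UTF-8
    "utf-8''a%E9%E9%E9%E9.txt",     # bytes that are not valid UTF-8
    "us-ascii''notes.txt",          # ordinary message arriving afterwards
]

if __name__ == "__main__":
    print(deliver(SAMPLES, filename_strict), deliver(SAMPLES, filename_tolerant))
```

With the strict decoder the undecodable value and every delivery after it are shunted, which matches the symptom in the report; with the tolerant decoder nothing is shunted.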