[SECURITY] [DSA-262-1] samba security fix
Debian Security Advisory DSA-262-1                      [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
March 15, 2003

Package        : samba
Problem type   : remote exploit
Debian-specific: no
CVE ids        : CAN-2003-0085 CAN-2003-0086

Sebastian Krahmer of the SuSE security audit team found two problems in
samba, a popular SMB/CIFS implementation. The problems are:

* a buffer overflow in the SMB/CIFS packet fragment re-assembly code
  used by smbd. Since smbd runs as root an attacker can use this to
  gain root access to a machine running smbd.

* the code to write reg files was vulnerable to a chown race which
  made it possible for a local user to overwrite system files.

Both problems have been fixed in upstream version 2.2.8, and version
2.2.3a-12.1 of the package for Debian GNU/Linux 3.0/woody.

Obtaining updates:

  By hand:
    wget URL
        will fetch the file for you.
    dpkg -i FILENAME.deb
        will install the fetched file.

  With apt:
    deb http://security.debian.org/ stable/updates main
        added to /etc/apt/sources.list will provide security updates

Additional information can be found on the Debian security webpages
at http://www.debian.org/security/

Debian GNU/Linux 2.2 alias potato

  No fixes for potato are available at this moment.

Debian GNU/Linux 3.0 alias woody

  Woody was released for alpha, arm, hppa, i386, ia64, m68k, mips,
  mipsel, powerpc, s390 and sparc. Updated packages for m68k are not
  available at this moment.
[SECURITY] [DSA-257-1] sendmail remote exploit
Debian Security Advisory DSA-257-1                      [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
March 4, 2003

Package        : sendmail
Problem type   : remote exploit
Debian-specific: no

Mark Dowd of ISS X-Force found a bug in the header parsing routines of
sendmail: it could overflow a buffer when encountering addresses with
very long comments. Since sendmail also parses headers when forwarding
emails, this vulnerability can hit mail servers which do not deliver
the email as well.

This has been fixed in upstream release 8.12.8, version 8.12.3-5 of the
package for Debian GNU/Linux 3.0/woody and version 8.9.3-25 of the
package for Debian GNU/Linux 2.2/potato.

Debian GNU/Linux 2.2 alias potato

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
  At this moment updates for the m68k architecture are not yet
  available.
Debian GNU/Linux 3.0 alias woody

  Woody was released for alpha, arm, hppa, i386, ia64, m68k, mips,
  mipsel, powerpc, s390 and sparc. At this moment updates for the m68k
  architecture are not yet available.
[SECURITY] [DSA-212-1] Multiple MySQL vulnerabilities
Debian Security Advisory DSA-212-1                      [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
December 17, 2002

Package        : mysql
Problem type   : multiple problems
Debian-specific: no
CVE references : CAN-2002-1373, CAN-2002-1374, CAN-2002-1375,
                 CAN-2002-1376

While performing an audit of MySQL e-matters found several problems:

* signed/unsigned problem in COM_TABLE_DUMP

  Two sizes were taken as signed integers from a request and then cast
  to unsigned integers without checking for negative numbers. Since the
  resulting numbers were used for a memcpy() operation this could lead
  to memory corruption.

* Password length handling in COM_CHANGE_USER

  When re-authenticating to a different user MySQL did not perform all
  checks that are performed on initial authentication. This created two
  problems:

  * it allowed for single-character password brute forcing (as was
    fixed in February 2000 for initial login) which could be used by a
    normal user to gain root privileges to the database

  * it was possible to overflow the password buffer and force the
    server to execute arbitrary code

* read_rows() overflow in libmysqlclient

  When processing the rows returned by a SQL server there was no check
  for overly large rows or terminating NUL characters. This can be used
  to exploit SQL clients if they connect to a compromised MySQL server.

* read_one_row() overflow in libmysqlclient

  When processing a row as returned by a SQL server the returned field
  sizes were not verified. This can be used to exploit SQL clients if
  they connect to a compromised MySQL server.

For Debian GNU/Linux 3.0/woody this has been fixed in version
3.23.49-8.2 and version 3.22.32-6.3 for Debian GNU/Linux 2.2/potato.

We recommend that you upgrade your mysql packages as soon as possible.

Debian 2.2 (oldstable)

  Oldstable was released for alpha, arm, i386, m68k, powerpc and sparc.
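The COM_TABLE_DUMP item above describes a length read as a signed integer, cast to unsigned, and then handed to memcpy(). The following is an added example, not MySQL's code: it shows what that cast does to a length byte of 0xC8, beside a parser that treats the wire bytes as unsigned and bounds them by both the destination buffer and the packet. The packet layout (one length byte each for the database and table name, followed by the names), the buffer size and the sample packets are constructed for the example.

```c
/* Added example, not MySQL's code: the signed/unsigned length handling
 * DSA-212-1 describes for COM_TABLE_DUMP, beside a bounds-checked parser.
 * The packet layout is constructed for illustration:
 *   [1 byte db_len][1 byte table_len][db name][table name]
 */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NAME_MAX_LEN 64          /* assumed fixed-size destination buffers */

struct table_dump {
    char db[NAME_MAX_LEN];
    char table[NAME_MAX_LEN];
};

/* Vulnerable pattern: the length byte is read as a signed value, the
 * upper-bound check is done on that signed value, and the copy uses the
 * unsigned conversion. A byte of 0xC8 reads as -56, passes "len > 64" and
 * becomes SIZE_MAX - 55 when handed to memcpy(). This function only
 * returns the size memcpy() would have received; it performs no copy. */
size_t unsafe_copy_len(unsigned char len_byte)
{
    int len = (signed char)len_byte;     /* 0xC8 -> -56 */
    if (len > NAME_MAX_LEN)              /* negative lengths sail through */
        return 0;
    return (size_t)len;                  /* -56 -> 18446744073709551560 on LP64 */
}

/* Fixed pattern: treat the wire bytes as unsigned from the start, bound
 * each length by the destination buffer, and bound the sum by what the
 * packet actually contains. Returns 0 on success, -1 on a malformed packet. */
int parse_table_dump(const unsigned char *pkt, size_t pkt_len,
                     struct table_dump *out)
{
    if (pkt == NULL || out == NULL || pkt_len < 2)
        return -1;

    size_t db_len    = pkt[0];           /* unsigned char: never negative */
    size_t table_len = pkt[1];

    /* Leave room for the terminating NUL in each destination. */
    if (db_len >= NAME_MAX_LEN || table_len >= NAME_MAX_LEN)
        return -1;

    /* Both lengths are below 64, so the sum cannot overflow; pkt_len >= 2. */
    if (db_len + table_len > pkt_len - 2)
        return -1;                       /* names claim more bytes than were sent */

    memcpy(out->db, pkt + 2, db_len);
    out->db[db_len] = '\0';
    memcpy(out->table, pkt + 2 + db_len, table_len);
    out->table[table_len] = '\0';
    return 0;
}
```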
[SECURITY] [DSA-209-1] two wget problems
Debian Security Advisory DSA-209-1                      [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
December 12, 2002

Package        : wget
Problem type   : directory traversal, buffer overflow
Debian-specific: no
CVEs           : CAN-2002-1344

Two problems have been found in the wget package as distributed in
Debian GNU/Linux:

* Stefano Zacchiroli found a buffer overrun in the url_filename
  function, which would make wget segfault on very long URLs.

* Steven M. Christey discovered that wget did not verify the FTP server
  response to an NLST command: it must not contain any directory
  information, since that can be used to make an FTP client overwrite
  arbitrary files.

Both problems have been fixed in version 1.5.3-3.1 for Debian GNU/Linux
2.2/potato and version 1.8.1-6.1 for Debian GNU/Linux 3.0/woody.

Debian GNU/Linux 2.2 alias potato

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
Debian GNU/Linux 3.0 alias woody

  Woody was released for alpha, arm, hppa, i386, ia64, m68k, mips,
  mipsel, powerpc, s390 and sparc. An update for mipsel is not
  available at this moment.
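The second wget item says an NLST reply must not carry directory information. The following is an added example, not wget's code: a check that accepts only bare file names from an NLST listing and a filter that applies it to a raw reply. The name limit and the sample reply are constructed for the example.

```c
/* Added example, not wget's code: the NLST check DSA-209-1 says was
 * missing. A server reply to NLST should be a list of plain file names;
 * any entry carrying directory information (a path separator, "." or
 * "..") would make the client create files outside the directory it is
 * mirroring into. The reply used in the test is constructed. */
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define NLST_NAME_MAX 64          /* assumed limit on a stored file name */

/* Accept only a bare file name: non-empty, not "." or "..", no path
 * separators (either style, since the server chooses what it sends),
 * and no control characters. */
bool nlst_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return false;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return false;
    for (const char *p = name; *p != '\0'; p++) {
        if (*p == '/' || *p == '\\')
            return false;
        if (iscntrl((unsigned char)*p))
            return false;
    }
    return true;
}

/* Split a raw NLST reply (CRLF- or LF-terminated lines) into names,
 * keeping the safe ones in out[] and counting the rest in *rejected.
 * Returns the number of accepted names. */
size_t nlst_filter(const char *reply, char out[][NLST_NAME_MAX],
                   size_t max_out, size_t *rejected)
{
    size_t accepted = 0;
    *rejected = 0;

    const char *line = reply;
    while (*line != '\0' && accepted < max_out) {
        const char *end = strchr(line, '\n');
        size_t len = end ? (size_t)(end - line) : strlen(line);
        if (len > 0 && line[len - 1] == '\r')
            len--;                                  /* strip the CR of CRLF */

        char name[NLST_NAME_MAX];
        if (len >= sizeof name) {
            (*rejected)++;                          /* too long to store safely */
        } else {
            memcpy(name, line, len);
            name[len] = '\0';
            if (nlst_name_is_safe(name))
                memcpy(out[accepted++], name, len + 1);
            else
                (*rejected)++;
        }

        if (end == NULL)
            break;
        line = end + 1;
    }
    return accepted;
}
```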
[SECURITY] [DSA-210-1] lynx CRLF injection
Debian Security Advisory DSA-210-1                      [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
December 13, 2002

Package        : lynx, lynx-ssl
Problem type   : CRLF injection
Debian-specific: no

lynx (a text-only web browser) did not properly check for illegal
characters in all places, including processing of command line
options, which could be used to insert extra HTTP headers in a
request.

For Debian GNU/Linux 2.2/potato this has been fixed in version
2.8.3-1.1 of the lynx package and version 2.8.3.1-1.1 of the lynx-ssl
package. For Debian GNU/Linux 3.0/woody this has been fixed in version
2.8.4.1b-3.2 of the lynx package and version 1:2.8.4.1b-3.1 of the
lynx-ssl package.

Debian GNU/Linux 2.2 alias potato

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
Debian GNU/Linux 3.0 alias woody

  Woody was released for alpha, arm, hppa, i386, ia64, m68k, mips,
  mipsel, powerpc, s390 and sparc.
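The lynx advisory describes unchecked characters in values that end up in HTTP headers. The following is an added example, not lynx's code: a request builder that validates header names and values before serialising, so a CR or LF in a value taken from the command line cannot terminate a header early and smuggle another one in. The header names, values and buffer sizes are constructed for the example.

```c
/* Added example, not lynx's code: why the illegal-character check
 * DSA-210-1 refers to matters. An HTTP/1.0 request is a sequence of
 * CRLF-terminated header lines; a CR or LF inside a value taken from the
 * command line or a URL ends the header early and whatever follows is
 * sent as a further header. The builder below validates header names
 * and values before serialising the request. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

struct header {
    const char *name;
    const char *value;
};

/* Header names are tokens: printable ASCII, no separators or whitespace. */
bool header_name_is_valid(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return false;
    for (const char *p = name; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (c <= 0x20 || c >= 0x7f || strchr("()<>@,;:\\\"/[]?={}", c) != NULL)
            return false;
    }
    return true;
}

/* Values may not contain CR or LF (NUL is excluded by the C string),
 * which is what stops an extra "X-Injected: ..." line from being smuggled. */
bool header_value_is_valid(const char *value)
{
    if (value == NULL)
        return false;
    for (const char *p = value; *p != '\0'; p++) {
        if (*p == '\r' || *p == '\n')
            return false;
    }
    return true;
}

/* Serialise "GET <path> HTTP/1.0" plus headers into buf. Returns the
 * number of bytes written, or -1 if the path or a header is malformed
 * or buf is too small. Nothing usable is produced on failure. */
int build_request(const char *path, const struct header *hdrs, size_t nhdrs,
                  char *buf, size_t buflen)
{
    /* Validate everything first so a bad header never reaches the wire. */
    if (!header_value_is_valid(path) || strchr(path, ' ') != NULL)
        return -1;
    for (size_t i = 0; i < nhdrs; i++) {
        if (!header_name_is_valid(hdrs[i].name) ||
            !header_value_is_valid(hdrs[i].value))
            return -1;
    }

    int n = snprintf(buf, buflen, "GET %s HTTP/1.0\r\n", path);
    if (n < 0 || (size_t)n >= buflen)
        return -1;
    size_t used = (size_t)n;
    for (size_t i = 0; i < nhdrs; i++) {
        n = snprintf(buf + used, buflen - used, "%s: %s\r\n",
                     hdrs[i].name, hdrs[i].value);
        if (n < 0 || (size_t)n >= buflen - used)
            return -1;
        used += (size_t)n;
    }
    n = snprintf(buf + used, buflen - used, "\r\n");   /* end of headers */
    if (n < 0 || (size_t)n >= buflen - used)
        return -1;
    used += (size_t)n;
    return (int)used;
}
```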
[SECURITY] [DSA-206-1] tcpdump BGP decoding error
Debian Security Advisory DSA-206-1                      [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
December 10, 2002

Package        : tcpdump
Problem type   : incorrect bounds checking
Debian-specific: no

The BGP decoding routines for tcpdump used incorrect bounds checking
when copying data. This could be abused by introducing malicious
traffic on a sniffed network for a denial of service attack against
tcpdump, or possibly even remote code execution.

This has been fixed in version 3.6.2-2.2.

Debian GNU/Linux 3.0 alias woody

  Woody was released for alpha, arm, hppa, i386, ia64, m68k, mips,
  mipsel, powerpc, s390 and sparc.
Debian Security team                                    [EMAIL PROTECTED]
http://www.debian.org/security/
Mailing-List: [EMAIL PROTECTED]
[SECURITY] [DSA-205-1] gtetrinet buffer overflows
Debian Security Advisory DSA-205-1                      [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
December 10, 2002

Package        : gtetrinet
Problem type   : buffer overflow
Debian-specific: no

Steve Kemp and James Antill found several buffer overflows in the
gtetrinet (a multiplayer tetris-like game) package as shipped in Debian
GNU/Linux 3.0, which could be abused by a malicious server.

This has been fixed in upstream version 0.4.4 and release
0.4.1-9woody1.1 of the Debian package.

Debian GNU/Linux 2.2 alias potato

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
  Potato did not contain a gtetrinet package.

Debian GNU/Linux 3.0 alias woody

  Woody was released for alpha, arm, hppa, i386, ia64, m68k, mips,
  mipsel, powerpc, s390 and sparc.
[SECURITY] [DSA-190-1] buffer overflow in Window Maker
Debian Security Advisory DSA-190-1                      [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
November 7, 2002

Package        : wmaker
Problem type   : buffer overflow
Debian-specific: no

Al Viro found a problem in the image handling code used in Window
Maker, a popular NEXTSTEP-like window manager. When creating an image
it would allocate a buffer by multiplying the image width and height,
but did not check for an overflow. This makes it possible to overflow
the buffer. This could be exploited by using specially crafted image
files (for example when previewing themes).

This has been fixed in version 0.80.0-4.1.

Debian GNU/Linux 3.0 alias woody

  Woody was released for alpha, arm, hppa, i386, ia64, m68k, mips,
  mipsel, powerpc, s390 and sparc. At this moment packages for mipsel
  are not yet available.
Source archives: http://security.debian.org/pool/updates/main/w/wmaker/wmaker_0.80.0.orig.tar.gz Size/MD5 checksum: 2452207 0768a12edff35cba82e769fcbc8de430 http://security.debian.org/pool/updates/main/w/wmaker/wmaker_0.80.0-4.1.diff.gz Size/MD5 checksum: 323198 c1a49502d07e18044d2e1b579c7144fb http://security.debian.org/pool/updates/main/w/wmaker/wmaker_0.80.0-4.1.dsc Size/MD5 checksum: 1463 81ac44a6b0ea1dedc49834f35e5bfb51 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/w/wmaker/wmaker_0.80.0-4.1_alpha.deb Size/MD5 checksum: 2292278 015fa329febee7722ace1d233989c5b0 http://security.debian.org/pool/updates/main/w/wmaker/libwings-dev_0.80.0-4.1_alpha.deb Size/MD5 checksum: 448638 642310838f93352e6461ba73d28ad178 http://security.debian.org/pool/updates/main/w/wmaker/libwraster2-dev_0.80.0-4.1_alpha.deb Size/MD5 checksum: 124220 7614f26566c44ce413e5ca05e8f3e146 http://security.debian.org/pool/updates/main/w/wmaker/libwmaker0-dev_0.80.0-4.1_alpha.deb Size/MD5 checksum:60026 e74d2e084ac969d1ea7d349140d2721e http://security.debian.org/pool/updates/main/w/wmaker/libwraster2_0.80.0-4.1_alpha.deb Size/MD5 checksum: 108778 400114e0b4d35b37d573efee840e6e73 arm architecture (ARM) http://security.debian.org/pool/updates/main/w/wmaker/libwings-dev_0.80.0-4.1_arm.deb Size/MD5 checksum: 340944 9d611e16b7b35ed5985f037a4f8f5635 http://security.debian.org/pool/updates/main/w/wmaker/libwraster2-dev_0.80.0-4.1_arm.deb Size/MD5 checksum: 107852 23a35885f237a23b733ef105438761aa http://security.debian.org/pool/updates/main/w/wmaker/wmaker_0.80.0-4.1_arm.deb Size/MD5 checksum: 2068456 aa0f4630de38323faf835cf4f965b7fe http://security.debian.org/pool/updates/main/w/wmaker/libwmaker0-dev_0.80.0-4.1_arm.deb Size/MD5 checksum:59220 e334af4dad5edcc5cd1c1ac4e8cbefeb http://security.debian.org/pool/updates/main/w/wmaker/libwraster2_0.80.0-4.1_arm.deb Size/MD5 checksum:95684 3a468466a4223b14b8f3b43acab410de hppa architecture (HP PA RISC) 
http://security.debian.org/pool/updates/main/w/wmaker/wmaker_0.80.0-4.1_hppa.deb Size/MD5 checksum: 2189302 ef8befcc5bba64f0599f082569d56958 http://security.debian.org/pool/updates/main/w/wmaker/libwraster2-dev_0.80.0-4.1_hppa.deb Size/MD5 checksum: 117434 10303109fd46a2e3b0dc54e422d73bc8 http://security.debian.org/pool/updates/main/w/wmaker/libwraster2_0.80.0-4.1_hppa.deb Size/MD5 checksum: 104508 e7d881619da171e82a796aede8d71dba http://security.debian.org/pool/updates/main/w/wmaker/libwmaker0-dev_0.80.0-4.1_hppa.deb Size/MD5 checksum:59880 26a96fa9a6422861ec56f2207e40dd92 http://security.debian.org/pool/updates/main/w/wmaker/libwings-dev_0.80.0-4.1_hppa.deb Size/MD5 checksum: 395706 9ca65c6d9892555c3b169e9fe96af82b i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/w/wmaker/libwmaker0-dev_0.80.0-4.1_i386.deb Size/MD5 checksum:58934 1e1ea0a1dbc7fbf0110aa729e98dd8ad http://security.debian.org/pool/updates/main/w/wmaker/libwraster2-dev_0.80.0-4.1_i386.deb Size/MD5 checksum: 100986 982412044d618f6d93e8b60f48016329 http://security.debian.org/pool/updates/main/w/wmaker
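The bug class behind DSA-190, as an added C example that is not Window Maker's code: a pixel-buffer size computed as width * height * bytes-per-pixel in a fixed-width integer, once unchecked and once with every multiplication tested against SIZE_MAX before it happens. The bytes-per-pixel value and the dimensions are assumptions made for the example.

```c
/* Added example (not Window Maker code) of the DSA-190 bug class: the
 * pixel-buffer size is width * height * bytes-per-pixel, computed in a
 * fixed-width integer. Hostile dimensions wrap the product, malloc()
 * happily returns a tiny buffer, and the decoder then writes the whole
 * image into it. Bytes-per-pixel and the dimensions are assumptions. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define BYTES_PER_PIXEL 4u   /* assumed RGBA */

/* Vulnerable computation: 32-bit unsigned arithmetic wraps silently.
 * 65536 * 65536 * 4 == 2^34, which is 0 modulo 2^32. */
uint32_t unchecked_image_bytes(uint32_t width, uint32_t height)
{
    return width * height * BYTES_PER_PIXEL;
}

/* Hardened computation: every multiplication is checked against
 * SIZE_MAX before it is performed. Returns the byte count, or 0 to
 * refuse (0 is never a valid size for a non-empty image). */
size_t checked_image_bytes(uint32_t width, uint32_t height)
{
    size_t w = width, h = height;
    if (w == 0 || h == 0)
        return 0;
    if (h > SIZE_MAX / w)                        /* w * h would wrap */
        return 0;
    size_t pixels = w * h;
    if (pixels > SIZE_MAX / BYTES_PER_PIXEL)     /* * bpp would wrap */
        return 0;
    return pixels * BYTES_PER_PIXEL;
}

/* Allocate the pixel buffer only for a size that survived the checks.
 * Returns NULL on refusal or allocation failure; the caller free()s. */
unsigned char *alloc_image(uint32_t width, uint32_t height, size_t *nbytes)
{
    size_t n = checked_image_bytes(width, height);
    if (n == 0)
        return NULL;
    unsigned char *buf = calloc(n, 1);
    if (buf && nbytes)
        *nbytes = n;
    return buf;
}

/* Returns 1 if a normal-sized image allocates with the expected size. */
int alloc_image_smoke(void)
{
    size_t n = 0;
    unsigned char *buf = alloc_image(640, 480, &n);
    int ok = buf != NULL && n == 640u * 480u * BYTES_PER_PIXEL;
    free(buf);
    return ok;
}

int main(void)
{
    printf("unchecked 65536x65536:  %u bytes\n",
           (unsigned)unchecked_image_bytes(65536, 65536));
    printf("checked   65536x65536:  %zu bytes (0 = refused)\n",
           checked_image_bytes(65536, 65536));
    printf("checked   UINT32_MAX^2: %zu bytes (0 = refused)\n",
           checked_image_bytes(UINT32_MAX, UINT32_MAX));
    return 0;
}
```

The unchecked variant is the one that lets a 65536 x 65536 image request a zero-byte buffer; the checked variant never returns a wrapped value, so the only remaining failure mode is an honest allocation failure for a genuinely huge image.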
[SECURITY] [DSA-138-1] Remote execution exploit in gallery
-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory DSA-138-1                     [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
August 1, 2002
- ------------------------------------------------------------------------

Package        : gallery
Problem type   : remote exploit
Debian-specific: no

A problem was found in gallery (a web-based photo album toolkit): it was
possible to pass in the GALLERY_BASEDIR variable remotely. This made it
possible to execute commands under the uid of the web server.

This has been fixed in version 1.2.5-7 of the Debian package and
upstream version 1.3.1.

- ------------------------------------------------------------------------
Obtaining updates:

  By hand:
    wget URL
        will fetch the file for you.
    dpkg -i FILENAME.deb
        will install the fetched file.

  With apt:
    deb http://security.debian.org/ stable/updates main
        added to /etc/apt/sources.list will provide security updates

Additional information can be found on the Debian security web-pages
at http://www.debian.org/security/

- ------------------------------------------------------------------------

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato does not contain the gallery package

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Woody was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel,
  powerpc, s390 and sparc.

  Source archives:

    http://security.debian.org/pool/updates/main/g/gallery/gallery_1.2.5-7.woody.0.dsc
      Size/MD5 checksum:      577 34188f0145b780cabc087dc273710428
    http://security.debian.org/pool/updates/main/g/gallery/gallery_1.2.5.orig.tar.gz
      Size/MD5 checksum:   132099 1a32e57b36ca06d22475938e1e1b19f9
    http://security.debian.org/pool/updates/main/g/gallery/gallery_1.2.5-7.woody.0.diff.gz
      Size/MD5 checksum:     7125 707ec3020491869fa59f66d28e646360

  Architecture independent packages:

    http://security.debian.org/pool/updates/main/g/gallery/gallery_1.2.5-7.woody.0_all.deb
      Size/MD5 checksum:   132290 8f6f152a45bdd3f632fa1cee5e994132

- -- 
- ----------------------------------------------------------------------------
Debian Security team [EMAIL PROTECTED]
http://www.debian.org/security/
Mailing-List: [EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBPUh3FqjZR/ntlUftAQEuJgL/Z9inFQxyaUZHvMqhyyPCBzORFbN4Edgu
67Ue5TXeNpZ4rDSgHAKnKBjeHnA4sw1qhubJlFLwzJVshJHrDbP1IXtesA77VEhx
6nM0V2aWX4HrZVO/OJS57IjbB1/vmrTc
=n6mV
-----END PGP SIGNATURE-----
[SECURITY] [DSA-128-1] sudo buffer overflow
-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory DSA-128-1                     [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
April 26, 2002
- ------------------------------------------------------------------------

Package        : sudo
Problem type   : buffer overflow
Debian-specific: no

fc found a buffer overflow in the variable expansion code used by sudo
for its prompt. Since sudo is necessarily installed suid root, a local
user can use this to gain root access.

This has been fixed in version 1.6.2p2-2.2 and we recommend that you
upgrade your sudo package immediately.

  wget url
        will fetch the file for you
  dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
    http://security.debian.org/dists/stable/updates/main/source/sudo_1.6.2p2-2.2.diff.gz
      MD5 checksum: 958560c409b43bd13463b3d380fc534a
    http://security.debian.org/dists/stable/updates/main/source/sudo_1.6.2p2-2.2.dsc
      MD5 checksum: 7323f0f3614513156120ccc4772524f8
    http://security.debian.org/dists/stable/updates/main/source/sudo_1.6.2p2.orig.tar.gz
      MD5 checksum: dd5944c880fd5cc56bc0f0199e92d2b4

  Alpha architecture:
    http://security.debian.org/dists/stable/updates/main/binary-alpha/sudo_1.6.2p2-2.2_alpha.deb
      MD5 checksum: 66cb0d4f730560fddba65e44dd78c34d

  ARM architecture:
    http://security.debian.org/dists/stable/updates/main/binary-arm/sudo_1.6.2p2-2.2_arm.deb
      MD5 checksum: f74bae46ebd07bd8f430261153d13f90

  Intel IA-32 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-i386/sudo_1.6.2p2-2.2_i386.deb
      MD5 checksum: 9ac9b91818dd7b2f2888aa39aac0da98

  Motorola 680x0 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-m68k/sudo_1.6.2p2-2.2_m68k.deb
      MD5 checksum: 46f6d595363d23c96701cd303511e1a5

  PowerPC architecture:
    http://security.debian.org/dists/stable/updates/main/binary-powerpc/sudo_1.6.2p2-2.2_powerpc.deb
      MD5 checksum: 66c23d2544e9a8f19c57c919a4a751c9

  Sun Sparc architecture:
    http://security.debian.org/dists/stable/updates/main/binary-sparc/sudo_1.6.2p2-2.2_sparc.deb
      MD5 checksum: 9654ecac0230abe0f28524469fb5887e

  These packages will be moved into the stable distribution on its next
  revision.

- -- 
- ----------------------------------------------------------------------------
apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBPMiNiqjZR/ntlUftAQErEwL/Xi3i/N5tGqezLTsuJlgChy6MLnX7gJG4
cMa5MzW+1xUH39xz6JAgPKQv9C4FyPqgEOOwa5xt/0vkNasj8ARiu/avLM4Uk6uS
22t9YWRjlnP4tPIi4DPhv20LFu1jeSNH
=0Rd2
-----END PGP SIGNATURE-----

-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
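The DSA-128 bug class in miniature, as an added C example that is not sudo's code: a prompt template with escapes such as %u (invoking user) and %h (host name) expanded into a fixed-size buffer. The unchecked variant grows the output with each escape without ever comparing against the buffer size; the bounded variant reports when the expansion would not fit. The escape set, buffer size and names are assumptions made for the example.

```c
/* Added example, not sudo's code: bounded expansion of a prompt template.
 * sudo's prompt may contain escapes such as %u (invoking user) and %h
 * (host name); DSA-128 was an overflow in the code that expands them into
 * a fixed-size buffer. The escape set, buffer size and names used below
 * are assumptions for the example. */
#include <stdio.h>
#include <string.h>

struct prompt_ctx { const char *user; const char *host; };

/* Vulnerable shape, for contrast only: the caller sized out[] from the
 * template length, but each %u/%h grows the output, so a long user or
 * host name writes past the end of out[]. Never call with untrusted data. */
void expand_prompt_unchecked(const char *tmpl, const struct prompt_ctx *ctx,
                             char *out)
{
    out[0] = '\0';
    for (const char *p = tmpl; *p; p++) {
        if (*p == '%' && p[1] == 'u')      { strcat(out, ctx->user); p++; }
        else if (*p == '%' && p[1] == 'h') { strcat(out, ctx->host); p++; }
        else                                 strncat(out, p, 1);
    }
}

/* Append src to out[] without ever writing past out[outsz - 1].
 * Returns 0 on success, -1 if src does not fit (out[] stays terminated). */
static int append_bounded(char *out, size_t outsz, size_t *len, const char *src)
{
    size_t n = strlen(src);
    if (n >= outsz - *len)                /* keep one byte for the NUL */
        return -1;
    memcpy(out + *len, src, n);
    *len += n;
    out[*len] = '\0';
    return 0;
}

/* Hardened expansion of %u, %h and %% into out[] of size outsz.
 * Returns the expanded length, or -1 if the result would not fit, which
 * is exactly the condition the vulnerable code failed to notice. */
int expand_prompt(const char *tmpl, const struct prompt_ctx *ctx,
                  char *out, size_t outsz)
{
    size_t len = 0;
    if (outsz == 0)
        return -1;
    out[0] = '\0';
    for (const char *p = tmpl; *p; p++) {
        char lit[3] = { *p, '\0', '\0' };
        const char *rep = lit;
        if (*p == '%') {
            switch (p[1]) {
            case 'u': rep = ctx->user; p++; break;
            case 'h': rep = ctx->host; p++; break;
            case '%': rep = "%";       p++; break;
            default:  break;          /* unknown or trailing '%': literal */
            }
        }
        if (append_bounded(out, outsz, &len, rep) < 0)
            return -1;
    }
    return (int)len;
}

/* Convenience wrapper with a static buffer; limit <= 64; NULL on overflow. */
const char *expand_into_static(const char *tmpl, const char *user,
                               const char *host, size_t limit)
{
    static char buf[64];
    struct prompt_ctx ctx = { user, host };
    if (limit > sizeof buf)
        limit = sizeof buf;
    return expand_prompt(tmpl, &ctx, buf, limit) < 0 ? NULL : buf;
}

int main(void)
{
    const char *p = expand_into_static("[sudo] %u@%h: ", "alice", "box", 64);
    printf("%s\n", p ? p : "(would not fit)");
    p = expand_into_static("%u@%h", "alice", "a-very-long-hostname", 16);
    printf("%s\n", p ? p : "(would not fit)");
    return 0;
}
```

The point of `append_bounded` is that the size check happens on the expanded output, not on the template: the template is trusted configuration, but the user and host names it pulls in are not length-limited by anything the template author controls.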
[SECURITY] [DSA-126-1] Horde and IMP cross-site scripting attack
-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory DSA-126-1                     [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
April 16, 2002
- ------------------------------------------------------------------------

Package        : imp
Problem type   : cross-site scripting (CSS)
Debian-specific: no

A cross-site scripting (CSS, today usually abbreviated XSS) problem was
discovered in Horde and IMP (a web based IMAP mail package). This was
fixed upstream in Horde version 1.2.8 and IMP version 2.2.8. The relevant
patches have been back-ported to version 1.2.6-0.potato.5 of the horde
package and version 2.2.6-0.potato.5 of the imp package.

This release also fixes a bug introduced by the php security fix from
DSA-115-1: the php postgres support changed subtly, which broke the
postgres support in imp.

  wget url
        will fetch the file for you
  dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
    http://security.debian.org/dists/stable/updates/main/source/horde_1.2.6-0.potato.5.dsc
      MD5 checksum: b77256b8029270a8de5240e8a5533cae
    http://security.debian.org/dists/stable/updates/main/source/horde_1.2.6-0.potato.5.tar.gz
      MD5 checksum: 85ec854ef905a906997088649a12d60c
    http://security.debian.org/dists/stable/updates/main/source/imp_2.2.6-0.potato.5.dsc
      MD5 checksum: e8c010d3227f4c55e5b5c68b9921aee5
    http://security.debian.org/dists/stable/updates/main/source/imp_2.2.6-0.potato.5.tar.gz
      MD5 checksum: a874af4a6ef5ef8b3e5fd59f40db13c2

  Architecture independent archives:
    http://security.debian.org/dists/stable/updates/main/binary-all/horde_1.2.6-0.potato.5_all.deb
      MD5 checksum: df0fe8f732da4edee3f78202c9e2127a
    http://security.debian.org/dists/stable/updates/main/binary-all/imp_2.2.6-0.potato.5_all.deb
      MD5 checksum: ffd216c15b27c1c3449512a5ccaa5af2

  These packages will be moved into the stable distribution on its next
  revision.

- -- 
- ----------------------------------------------------------------------------
apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBPLxETqjZR/ntlUftAQH8eAL/XDyfPIO/SQf4yXRwmoBZ0N/VDXC6qOM4
unkIHH+S/9H5PzMqrB+UqOa/8+Zfs4aYGbXIz+n0oRGyhkrDo0vb/thT8+WqaZRc
2CiLTCG2oXrv5D5wuDzDm7BR5TN7M4E+
=9ml0
-----END PGP SIGNATURE-----
[SECURITY] [DSA-127-1] buffer overflow in xpilot-server
-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory DSA-127-1                     [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
April 17, 2002
- ------------------------------------------------------------------------

Package        : xpilot
Problem type   : remote buffer overflow
Debian-specific: no

An internal audit by the xpilot (a multi-player tactical manoeuvring
game for X) maintainers revealed a buffer overflow in the xpilot server.
This overflow can be abused by remote attackers to gain access to the
host on which the xpilot server is running, with the privileges of the
account the server runs as.

This has been fixed in upstream version 4.5.1 and version
4.1.0-4.U.4alpha2.4.potato1 of the Debian package.

  wget url
        will fetch the file for you
  dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
  At this moment arm packages are not available yet.

  Source archives:
    http://security.debian.org/dists/stable/updates/main/source/xpilot_4.1.0-4.U.4alpha2.4.potato1.diff.gz
      MD5 checksum: 6c7aa5e06237d0848cc05c3f121d43f3
    http://security.debian.org/dists/stable/updates/main/source/xpilot_4.1.0-4.U.4alpha2.4.potato1.dsc
      MD5 checksum: 51c30a3a226f52e0f99ed5d656e42f37
    http://security.debian.org/dists/stable/updates/main/source/xpilot_4.1.0.orig.tar.gz
      MD5 checksum: 049f4e51d8f033911d3ce055b3b6b701

  Architecture independent archives:
    http://security.debian.org/dists/stable/updates/main/binary-all/xpilot_4.1.0-4.U.4alpha2.4.potato1_all.deb
      MD5 checksum: 05c17a821e576b8886d6dfd4e737

  Alpha architecture:
    http://security.debian.org/dists/stable/updates/main/binary-alpha/xpilot-client-nas_4.1.0-4.U.4alpha2.4.potato1_alpha.deb
      MD5 checksum: f506b1c9866c9585900351c10955dd43
    http://security.debian.org/dists/stable/updates/main/binary-alpha/xpilot-client-nosound_4.1.0-4.U.4alpha2.4.potato1_alpha.deb
      MD5 checksum: c45fd37746a572ca4d778a2f6e52dbc5
    http://security.debian.org/dists/stable/updates/main/binary-alpha/xpilot-client-rplay_4.1.0-4.U.4alpha2.4.potato1_alpha.deb
      MD5 checksum: 3950b11932d57fb3ae72d1d5621d7f05
    http://security.debian.org/dists/stable/updates/main/binary-alpha/xpilot-server_4.1.0-4.U.4alpha2.4.potato1_alpha.deb
      MD5 checksum: a66b89463d42a6975df899fa130470f8

  Intel IA-32 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-i386/xpilot-client-nas_4.1.0-4.U.4alpha2.4.potato1_i386.deb
      MD5 checksum: f0d1306de990f6160ba5cc3e1580b2b2
    http://security.debian.org/dists/stable/updates/main/binary-i386/xpilot-client-nosound_4.1.0-4.U.4alpha2.4.potato1_i386.deb
      MD5 checksum: 28b1c0e638e142f93eb2af7ca71f80d5
    http://security.debian.org/dists/stable/updates/main/binary-i386/xpilot-client-rplay_4.1.0-4.U.4alpha2.4.potato1_i386.deb
      MD5 checksum: 4bb509a8a5711bc570c9e2645b926a35
    http://security.debian.org/dists/stable/updates/main/binary-i386/xpilot-server_4.1.0-4.U.4alpha2.4.potato1_i386.deb
      MD5 checksum: b2c7cf184d6ff9b9b52e7e5a324ff3d7

  Motorola 680x0 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-m68k/xpilot-client-nas_4.1.0-4.U.4alpha2.4.potato1_m68k.deb
      MD5 checksum: dbac533733306578fdc22c585c1e55e6
    http://security.debian.org/dists/stable/updates/main/binary-m68k/xpilot-client-nosound_4.1.0-4.U.4alpha2.4.potato1_m68k.deb
      MD5 checksum: d8d9414db73b3088330755a7d561ac5d
    http://security.debian.org/dists/stable/updates/main/binary-m68k/xpilot-client-rplay_4.1.0-4.U.4alpha2.4.potato1_m68k.deb
      MD5 checksum: 84ec746bc1c1e816448e10868981794d
    http://security.debian.org/dists/stable/updates/main/binary-m68k/xpilot-server_4.1.0-4.U.4alpha2.4.potato1_m68k.deb
      MD5 checksum: ae66ef2a10d456761541c135bf88fb16

  PowerPC architecture:
    http://security.debian.org/dists/stable/updates/main/binary-powerpc/xpilot-client-nas_4.1.0-4.U.4alpha2.4.potato1_powerpc.deb
      MD5 checksum: 49cc8ed07762238a86369190e76dad69
    http://security.debian.org/dists/stable/updates/main/binary-powerpc/xpilot-client-nosound_4.1.0-4.U.4alpha2.4.potato1_powerpc.deb
      MD5 checksum: cb0ec5bcf0895efb66f403cafa55d65b
    http://security.debian.org/dists/stable/updates/main/binary-powerpc/xpilot-client-rplay_4.1.0-4.U.4alpha2.4.potato1_powerpc.deb
      MD5 checksum: 98b99485dddf88297de54d3cf9af57b0
    http://security.debian.org/dists/stable/updates/main/binary-powerpc/xpilot-server_4.1.0-4.U.4alpha2.4.potato1_powerpc.deb
      MD5 checksum: 256bb2bdfad21832a159570239900da5

  Sun Sparc architecture:
    http://security.debian.org/dists/stable/updates/main/binary-sparc/xpilot-client-nas_4.1.0-4.U.4alpha2.4.potato1_sparc.deb
      MD5 checksum: c496e49126d1e2b6991ffbd1c131f5c9
    http
[SECURITY] [DSA-066-1] cfingerd remote exploit
-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory DSA-066-1                     [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
July 11, 2001
- ------------------------------------------------------------------------

Package        : cfingerd
Problem type   : remote exploit
Debian-specific: no

Steven van Acker reported on bugtraq that the version of cfingerd (a
configurable finger daemon) as distributed in Debian GNU/Linux 2.2
suffers from two problems:

 1. The code that reads configuration files (files in which $ commands
    are expanded) copied its input to a buffer without checking for a
    buffer overflow. When the ALLOW_LINE_PARSING feature is enabled that
    code is used for reading users' files as well, so local users could
    exploit this.

 2. There also was a printf call in the same routine that did not
    protect against printf format attacks.

Since ALLOW_LINE_PARSING is enabled in the default /etc/cfingerd.conf,
local users could use this to gain root access.

This has been fixed in version 1.4.1-1.2, and we recommend that you
upgrade your cfingerd package immediately.

  wget url
        will fetch the file for you
  dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
    http://security.debian.org/dists/stable/updates/main/source/cfingerd_1.4.1-1.2.diff.gz
      MD5 checksum: e1e5ed3fe85f2af5304b9f0d3d236a91
    http://security.debian.org/dists/stable/updates/main/source/cfingerd_1.4.1-1.2.dsc
      MD5 checksum: 966e205737bcd43182d01114694ed52a
    http://security.debian.org/dists/stable/updates/main/source/cfingerd_1.4.1.orig.tar.gz
      MD5 checksum: 0461179bca7bb9b00fb23c088cb0

  Alpha architecture:
    http://security.debian.org/dists/stable/updates/main/binary-alpha/cfingerd_1.4.1-1.2_alpha.deb
      MD5 checksum: 9c43dd39460c58ed6a013449e2f9

  ARM architecture:
    http://security.debian.org/dists/stable/updates/main/binary-arm/cfingerd_1.4.1-1.2_arm.deb
      MD5 checksum: 70da6073d42fbbdd29a025517127ebb0

  Intel IA-32 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-i386/cfingerd_1.4.1-1.2_i386.deb
      MD5 checksum: 2281e1aa8dc439680b1df546a5139aae

  Motorola 680x0 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-m68k/cfingerd_1.4.1-1.2_m68k.deb
      MD5 checksum: 19bf9fbcf1d2e1d7d38ff5bd00c6dc0a

  PowerPC architecture:
    http://security.debian.org/dists/stable/updates/main/binary-powerpc/cfingerd_1.4.1-1.2_powerpc.deb
      MD5 checksum: 383389307d0ebd11b3f8a20abe1395a9

  Sun Sparc architecture:
    http://security.debian.org/dists/stable/updates/main/binary-sparc/cfingerd_1.4.1-1.2_sparc.deb
      MD5 checksum: 1e734a8573e1c05d8e07ffcc8543c4e9

  These packages will be moved into the stable distribution on its next
  revision.

  For not yet released architectures please refer to the appropriate
  directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

- -- 
- ----------------------------------------------------------------------------
apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBO0yTc6jZR/ntlUftAQEsBwMAkfE4minNvpxIpXQLzkEgOgprPM3zrs3s
GVEBQrzCtn64tcA+dXvmrOalr5Ij0lE85VaFpuJ71ag9M84uzsd9QDqYQ3cDUllp
wZcZzUbXDslu3+xCpNYOzSbEGDc3bJiP
=nAbh
-----END PGP SIGNATURE-----
Re: smbd remote file creation vulnerability
Previously Pavol Luptak wrote:
> Linux kernels with openwall patch (with restricted links in /tmp) are
> immune to this type of attack (following symlinks does not work, link
> owner does not match with file's owner).

If symlinks don't work you can still use a hardlink though.

Wichert.

-- 
  _________________________________________________________________
 /       Nothing is fool-proof to a sufficiently talented fool     \
| [EMAIL PROTECTED]                  http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
[SECURITY] [DSA-065-1] samba remote file append/creation problem
-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory DSA-065-1                     [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
June 23, 2001
- ------------------------------------------------------------------------

Package        : samba
Problem type   : remote file append/creation
Debian-specific: no

Michal Zalewski discovered that samba does not properly validate NetBIOS
names from remote machines. By itself that is not a problem, except if
Samba is configured to write log files to a file name that includes the
NetBIOS name of the remote side by using the `%m' macro in the `log
file' command. In that case an attacker could use a NetBIOS name like
'../tmp/evil'. If the log file was set to /var/log/samba/%m, samba would
then write to /var/tmp/evil.

Since the NetBIOS name is limited to 15 characters and the `log file'
command could have an extension to the filename, the results of this
are limited. However, if the attacker is also able to create symbolic
links on the samba server he could trick samba into appending any data
he wants to all files on the filesystem which samba can write to.

The Debian GNU/Linux packaged version of samba has a safe configuration
and is not vulnerable.

As a temporary workaround for systems that are vulnerable, change all
occurrences of the `%m' macro in smb.conf to `%l' and restart samba.

This has been fixed in version 2.0.7-3.4, and we recommend that you
upgrade your samba package immediately.

  wget url
        will fetch the file for you
  dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
    http://security.debian.org/dists/stable/updates/main/source/samba_2.0.7-3.4.diff.gz
      MD5 checksum: 5611001a7ed3b80214709ee1f5b433cf
    http://security.debian.org/dists/stable/updates/main/source/samba_2.0.7-3.4.dsc
      MD5 checksum: 1899ddf270b1c7422297b5725aae1cac
    http://security.debian.org/dists/stable/updates/main/source/samba_2.0.7.orig.tar.gz
      MD5 checksum: b5e61ea655d476072fd0365785fea2d0

  Architecture independent archives:
    http://security.debian.org/dists/stable/updates/main/binary-all/samba-doc_2.0.7-3.4_all.deb
      MD5 checksum: 5e9e67fd0b0647945106ec4af85aec6e

  Alpha architecture:
    http://security.debian.org/dists/stable/updates/main/binary-alpha/samba-common_2.0.7-3.4_alpha.deb
      MD5 checksum: f978de80e3dcfdd5a08c623b365c1a88
    http://security.debian.org/dists/stable/updates/main/binary-alpha/samba_2.0.7-3.4_alpha.deb
      MD5 checksum: 139272e3c7f6fc6643b303db996736a3
    http://security.debian.org/dists/stable/updates/main/binary-alpha/smbclient_2.0.7-3.4_alpha.deb
      MD5 checksum: 106f37c91188799ba73f5821582cce82
    http://security.debian.org/dists/stable/updates/main/binary-alpha/smbfs_2.0.7-3.4_alpha.deb
      MD5 checksum: 5eba972f8f5ec99b9ac31281ff93b862
    http://security.debian.org/dists/stable/updates/main/binary-alpha/swat_2.0.7-3.4_alpha.deb
      MD5 checksum: 1fddc7995e9068fba6f509222c386b36

  ARM architecture:
    http://security.debian.org/dists/stable/updates/main/binary-arm/samba-common_2.0.7-3.4_arm.deb
      MD5 checksum: 4cebf21d3d52f80250688b79d078cffe
    http://security.debian.org/dists/stable/updates/main/binary-arm/samba_2.0.7-3.4_arm.deb
      MD5 checksum: 5e98051170c741a8d982cd4eedd1ee2d
    http://security.debian.org/dists/stable/updates/main/binary-arm/smbclient_2.0.7-3.4_arm.deb
      MD5 checksum: 8968608080bf324dbab1dbca607066cd
    http://security.debian.org/dists/stable/updates/main/binary-arm/smbfs_2.0.7-3.4_arm.deb
      MD5 checksum: f57810ea2d6c7686d090ed84ccfb168f
    http://security.debian.org/dists/stable/updates/main/binary-arm/swat_2.0.7-3.4_arm.deb
      MD5 checksum: a14b4f352fdca1986d5142c8584c3d15

  Intel IA-32 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-i386/samba-common_2.0.7-3.4_i386.deb
      MD5 checksum: 68a2b37078da7ae8bfe494ba4406f9b7
    http://security.debian.org/dists/stable/updates/main/binary-i386/samba_2.0.7-3.4_i386.deb
      MD5 checksum: 9e7d7b60348a4aa2d3f401e30a7078c9
    http://security.debian.org/dists/stable/updates/main/binary-i386/smbclient_2.0.7-3.4_i386.deb
      MD5 checksum: fff14586173645b3ee81129f071ea462
    http://security.debian.org/dists/stable/updates/main/binary-i386/smbfs_2.0.7-3.4_i386.deb
      MD5 checksum: f07facfb2938d08f76f4aef1a4ccba54
    http://security.debian.org/dists/stable/updates/main/binary-i386/swat_2.0.7-3.4_i386.deb
      MD5 checksum: aa9665611e949b70c5157c51329f765e

  Motorola 680x0 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-m68k/samba-common_2.0.7-3.4_m68k.deb
      MD5 checksum: db9593e35e444ede9ebe7c8583813166
    http://security.debian.org/dists
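What DSA-065 and the hardlink remark in the reply earlier in this thread boil down to, as an added C example that is not Samba's code: validate the remote NetBIOS name before it is ever pasted into a path, and open the log in a way that neither follows a symlink nor accepts a file that is secretly a hardlink to something else. The log directory and the temporary file names are assumptions made for the example.

```c
/* Added example, not Samba code, of what DSA-065 and the hardlink
 * remark earlier in this thread boil down to. With
 * "log file = /var/log/samba/%m" the remote NetBIOS name is pasted
 * into a path, so "../tmp/evil" escapes the log directory; and once an
 * attacker can place links, refusing symlinks is not enough because a
 * hardlink has nothing to "follow". Directory and file names below are
 * assumptions for the example. */
#define _DEFAULT_SOURCE
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* A NetBIOS name is at most 15 characters. Before it may appear in a
 * path we additionally require printable ASCII, no '/' or '\\', and not
 * "." or "..". Returns 1 if acceptable, 0 otherwise. */
int netbios_name_is_safe(const char *name)
{
    size_t n = strlen(name);
    if (n == 0 || n > 15)
        return 0;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)name[i];
        if (c == '/' || c == '\\' || c < 0x21 || c > 0x7e)
            return 0;
    }
    return 1;
}

/* Build "<logdir>/<name>.log" for a validated name only.
 * Returns 0 and fills out[]; -1 if the name is rejected or does not fit. */
int build_log_path(const char *logdir, const char *name, char *out, size_t outsz)
{
    if (!netbios_name_is_safe(name))
        return -1;
    int n = snprintf(out, outsz, "%s/%s.log", logdir, name);
    return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
}

/* Static-buffer wrapper for the assumed log directory; NULL on rejection. */
const char *log_path_or_null(const char *name)
{
    static char buf[256];
    return build_log_path("/var/log/samba", name, buf, sizeof buf) == 0 ? buf : NULL;
}

/* Open a log for appending: never follow a symlink, and refuse a file
 * with more than one hard link or that is not a regular file. The check
 * is done on the open descriptor, so there is no race with the path.
 * Returns the fd, or -1. */
int open_log_nolink(const char *path)
{
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW, 0640);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Self-contained check in a fresh temporary directory: a plain log opens,
 * a "log" that is really a hardlink to another file is refused.
 * Returns 1 on that outcome, 0 otherwise. */
int demo_hardlink_refused(void)
{
    char dir[] = "/tmp/dsa065-XXXXXX";
    if (!mkdtemp(dir))
        return 0;
    char target[128], evil[128], plain[128];
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(evil, sizeof evil, "%s/evil.log", dir);
    snprintf(plain, sizeof plain, "%s/plain.log", dir);
    int t = open(target, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (t < 0)
        return 0;
    close(t);
    int refused = link(target, evil) == 0 && open_log_nolink(evil) == -1;
    int fd = open_log_nolink(plain);
    int opened = fd >= 0;
    if (fd >= 0)
        close(fd);
    unlink(plain); unlink(evil); unlink(target); rmdir(dir);
    return refused && opened;
}

int main(void)
{
    const char *p = log_path_or_null("../tmp/evil");
    printf("../tmp/evil -> %s\n", p ? p : "rejected");
    printf("hardlink refused and plain log opened: %d\n", demo_hardlink_refused());
    return 0;
}
```

The name check is the real fix; the `st_nlink` test on the already-open descriptor is the defence in depth that the advisory's symlink discussion, and the hardlink follow-up, call for when the log directory is writable by someone other than the daemon.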
[SECURITY] [DSA-063-1] two xinetd problems
-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory DSA-063-1                     [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
June 17, 2001
- ------------------------------------------------------------------------

Package        : xinetd
Problem type   : change default umask
                 buffer overflow
Debian-specific: no

zen-parse reported on bugtraq that there is a possible buffer overflow
in the logging code from xinetd. This could be triggered by using a fake
identd that returns special replies when xinetd does an ident request.

Another problem is that xinetd sets its umask to 0. As a result any
programs that xinetd starts that are not careful with file permissions
will create world-writable files.

Both problems have been fixed in version 2.1.8.8.p3-1.1 .

  wget url
        will fetch the file for you
  dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
    http://security.debian.org/dists/stable/updates/main/source/xinetd_2.1.8.8.p3-1.1.diff.gz
      MD5 checksum: 457150cded692f00e76c73c8ae7787d1
    http://security.debian.org/dists/stable/updates/main/source/xinetd_2.1.8.8.p3-1.1.dsc
      MD5 checksum: c3c9764680b907c382904aa1e5ba32b0
    http://security.debian.org/dists/stable/updates/main/source/xinetd_2.1.8.8.p3.orig.tar.gz
      MD5 checksum: 5d1f4d5bab29d9e68dc8850b4cb90969

  Alpha architecture:
    http://security.debian.org/dists/stable/updates/main/binary-alpha/xinetd_2.1.8.8.p3-1.1_alpha.deb
      MD5 checksum: e43231b79cf899e89b9c8e98cb9a3473

  ARM architecture:
    http://security.debian.org/dists/stable/updates/main/binary-arm/xinetd_2.1.8.8.p3-1.1_arm.deb
      MD5 checksum: 107e82971903932f9f6deb5b5db53000

  Intel IA-32 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-i386/xinetd_2.1.8.8.p3-1.1_i386.deb
      MD5 checksum: 94aff2d70ce4032527b61ef5fe2bf623

  Motorola 680x0 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-m68k/xinetd_2.1.8.8.p3-1.1_m68k.deb
      MD5 checksum: 53627cdca29cfd395b5413bf893652cf

  PowerPC architecture:
    http://security.debian.org/dists/stable/updates/main/binary-powerpc/xinetd_2.1.8.8.p3-1.1_powerpc.deb
      MD5 checksum: 0707a506c810aff814acaef7e6188527

  Sun Sparc architecture:
    http://security.debian.org/dists/stable/updates/main/binary-sparc/xinetd_2.1.8.8.p3-1.1_sparc.deb
      MD5 checksum: e93d159f968dc41c4244f1b27e023646

  These packages will be moved into the stable distribution on its next
  revision.

  For not yet released architectures please refer to the appropriate
  directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

- -- 
- ----------------------------------------------------------------------------
apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBOyzQ8ajZR/ntlUftAQF4vwL8DWP96n/vNL04tkWxFv0OANfjpSnPtY4u
MD0RnMN7P7lA5uazxB0uC7FgHp0uJmxrdUcIzQ7HWq+CcD9E0AALe4hLp5aCLedD
vmwnTk/1VVL1GkRNq1/Fk8HL2D2Tfypp
=luf8
-----END PGP SIGNATURE-----
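The umask half of DSA-063, as an added C example that is not xinetd's code: a spawned service that creates a file with the usual 0666 request inherits whatever umask its supervisor had, so umask 0 in the supervisor yields a world-writable file and umask 022 does not. The temporary paths are assumptions made for the example.

```c
/* Added example, not xinetd code, of the umask problem in DSA-063. A
 * super-server that runs with umask 0 hands that umask to every service
 * it spawns, so a service that creates files with the usual 0666 request
 * gets world-writable files. The fix belongs in the supervisor, before
 * fork()/exec(). The temporary paths are assumptions for the example. */
#define _DEFAULT_SOURCE
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>

/* Simulate a spawned service that is careless about permissions: it
 * creates a file with mode 0666 under whatever umask it inherited.
 * Returns the permission bits the file actually got (e.g. 0666 or 0644),
 * or -1 on error. The file lives in a private mkdtemp() directory and is
 * removed again. */
int service_creates_file_with_umask(mode_t inherited_umask)
{
    char dir[] = "/tmp/dsa063-XXXXXX";
    if (!mkdtemp(dir))
        return -1;
    char path[64];
    snprintf(path, sizeof path, "%s/spool", dir);
    mode_t saved = umask(inherited_umask);      /* what the child inherited */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0666);
    umask(saved);
    int mode = -1;
    if (fd >= 0) {
        struct stat st;
        if (fstat(fd, &st) == 0)
            mode = (int)(st.st_mode & 0777);
        close(fd);
        unlink(path);
    }
    rmdir(dir);
    return mode;
}

/* What the supervisor should do once, before spawning any service. */
void supervisor_set_default_umask(void)
{
    umask(022);
}

/* Returns 1 if, after the supervisor's fix, a careless service can no
 * longer produce a group- or world-writable file. Restores the process
 * umask afterwards so the caller is unaffected. */
int demo_fix_makes_file_private(void)
{
    mode_t saved = umask(0);                    /* start in the bad state */
    supervisor_set_default_umask();
    mode_t inherited = umask(saved);            /* read back, then restore */
    int mode = service_creates_file_with_umask(inherited);
    return mode == 0644 && (mode & 022) == 0;
}

int main(void)
{
    printf("umask 0   -> file mode %04o\n", service_creates_file_with_umask(0));
    printf("umask 022 -> file mode %04o\n", service_creates_file_with_umask(022));
    printf("fix effective: %d\n", demo_fix_makes_file_private());
    return 0;
}
```

The umask is inherited across fork() and exec(), which is why the advisory lays the blame on xinetd rather than on each service: a service written with `open(path, O_CREAT, 0666)` is only as safe as the umask of whatever started it.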
Re: Rxvt vulnerability
Previously Samuel Dralet wrote:
> RXVT Vulnerability
>
> Date : 2001/06/05
> Vulnerable system : rxvt 2.6.2 on Debian Linux 2.2
[.. snip snip ..]
> Status vendor : contacted two weeks ago but no response.

I'm curious who you contacted; from what I can see you did not contact
Debian but yet you explicitly mention that Debian is vulnerable and claim
you contacted the vendor two weeks ago.

Wichert.

-- 
  _________________________________________________________________
 /       Nothing is fool-proof to a sufficiently talented fool     \
| [EMAIL PROTECTED]                  http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
[SECURITY] [DSA-060-1] fetchmail buffer overflow
-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory DSA-060-1                     [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
June 16, 2001
- ------------------------------------------------------------------------

Package        : fetchmail
Problem type   : buffer overflow
Debian-specific: no

Wolfram Kleff found a problem in fetchmail: it would crash when
processing emails with extremely long headers. The problem was a buffer
overflow in the header parser which could be exploited.

This has been fixed in version 5.3.3-1.2, and we recommend that you
upgrade your fetchmail package immediately.

  wget url
        will fetch the file for you
  dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
    http://security.debian.org/dists/stable/updates/main/source/fetchmail_5.3.3-1.2.diff.gz
      MD5 checksum: fbf35f3be1f9d8bee5d08a4a9e4d1a23
    http://security.debian.org/dists/stable/updates/main/source/fetchmail_5.3.3-1.2.dsc
      MD5 checksum: b2d5b8e11f7943a167dddbb4b1a0ad1b
    http://security.debian.org/dists/stable/updates/main/source/fetchmail_5.3.3.orig.tar.gz
      MD5 checksum: d2cffc4594ec2d36db6681b800f25e2a

  Architecture independent archives:
    http://security.debian.org/dists/stable/updates/main/binary-all/fetchmailconf_5.3.3-1.2_all.deb
      MD5 checksum: 7501327bf217b36540a0b6288362d40a

  Alpha architecture:
    http://security.debian.org/dists/stable/updates/main/binary-alpha/fetchmail_5.3.3-1.2_alpha.deb
      MD5 checksum: 9176d223e830d64f648c8374aec45e73

  ARM architecture:
    http://security.debian.org/dists/stable/updates/main/binary-arm/fetchmail_5.3.3-1.2_arm.deb
      MD5 checksum: ca4c1e5e8aba63badb08e26459608f1a

  Intel IA-32 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-i386/fetchmail_5.3.3-1.2_i386.deb
      MD5 checksum: d985cf57911ad2b891ed6c92c50de317

  Motorola 680x0 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-m68k/fetchmail_5.3.3-1.2_m68k.deb
      MD5 checksum: 3921efe505b3eb72a1cff41a11da2d5c

  PowerPC architecture:
    http://security.debian.org/dists/stable/updates/main/binary-powerpc/fetchmail_5.3.3-1.2_powerpc.deb
      MD5 checksum: d7828e3c6ce890e86fb65316e4b78768

  Sun Sparc architecture:
    http://security.debian.org/dists/stable/updates/main/binary-sparc/fetchmail_5.3.3-1.2_sparc.deb
      MD5 checksum: baf11fea7d050cbb5d9f00f95a16e0f7

  These packages will be moved into the stable distribution on its next
  revision.

  For not yet released architectures please refer to the appropriate
  directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

- -- 
- ----------------------------------------------------------------------------
apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBOyuGIqjZR/ntlUftAQHW7AMAgngWe6rTqRKX1w4tBVFi7XrVQs5TOcHb
akEBX1ZVQ4GYYXJ3fom3TnS+hbOqn3q/1DhGhnf++hMqj98CoysyUR2EzXQRHIE7
oRSdeZwsIpMN1raVAVvqhdE6UOStxE3e
=NmIw
-----END PGP SIGNATURE-----
[SECURITY] [DSA-061-1] multiple gnupg problems
-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory DSA-061-1                     [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
June 16, 2001
- ------------------------------------------------------------------------

Package        : gnupg
Problem type   : printf format attack
                 web of trust pollution
Debian-specific: no

The version of GnuPG (GNU Privacy Guard, an OpenPGP implementation) as
distributed in Debian GNU/Linux 2.2 suffers from two problems:

fish stiqz reported on bugtraq that there was a printf format problem in
the do_get() function: it printed a prompt which included the filename
that was being decrypted without checking for possible printf format
attacks. This could be exploited by tricking someone into decrypting a
file with a specially crafted filename.

The second bug is related to importing secret keys: when gnupg imported
a secret key it would immediately make the associated public key fully
trusted, which changes your web of trust without asking for a
confirmation. To fix this you now need a special option to import a
secret key.

Both problems have been fixed in version 1.0.6-0potato1.

  wget url
        will fetch the file for you
  dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
    http://security.debian.org/dists/stable/updates/main/source/gnupg_1.0.6-0potato1.diff.gz
      MD5 checksum: 4928a4a589c11cadea852347d23edf5a
    http://security.debian.org/dists/stable/updates/main/source/gnupg_1.0.6-0potato1.dsc
      MD5 checksum: e6057febed9106dfc9f77fb61fbd0ca4
    http://security.debian.org/dists/stable/updates/main/source/gnupg_1.0.6.orig.tar.gz
      MD5 checksum: 7c319a9e5e70ad9bc3bf0d7b5008a508

  Alpha architecture:
    http://security.debian.org/dists/stable/updates/main/binary-alpha/gnupg_1.0.6-0potato1_alpha.deb
      MD5 checksum: 76c3f586b91bba1c69a6fb6ea93a2fbd

  ARM architecture:
    http://security.debian.org/dists/stable/updates/main/binary-arm/gnupg_1.0.6-0potato1_arm.deb
      MD5 checksum: 84a47897a38f44b07180e9a9ec16ab49

  Intel IA-32 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-i386/gnupg_1.0.6-0potato1_i386.deb
      MD5 checksum: d3a91ccc9d1c951b80afe17e59190db3

  Motorola 680x0 architecture:
    http://security.debian.org/dists/stable/updates/main/binary-m68k/gnupg_1.0.6-0potato1_m68k.deb
      MD5 checksum: 6b12f23b3c3840574af826db147ed9cd

  PowerPC architecture:
    http://security.debian.org/dists/stable/updates/main/binary-powerpc/gnupg_1.0.6-0potato1_powerpc.deb
      MD5 checksum: a5a9bffdce2abf112c2058097f48f784

  Sun Sparc architecture:
    http://security.debian.org/dists/stable/updates/main/binary-sparc/gnupg_1.0.6-0potato1_sparc.deb
      MD5 checksum: 487c0d605ff5b3fdce2212d4e9c07bf0

  These packages will be moved into the stable distribution on its next
  revision.

  For not yet released architectures please refer to the appropriate
  directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

- -- 
- ----------------------------------------------------------------------------
apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBOyud7KjZR/ntlUftAQGn2AL9EYSvg7znskCLx5eY/mOjz3QQnDSEFXlj
V8GSUZaSVpm5kNcb19pZIgfJEZe60CQIDesdnb8M7YaKyT65sFha+8yJvaVWsy+H
5Mp/lBEW8B3qvNYtScF6/XoXKpymOD2E
=918n
-----END PGP SIGNATURE-----
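The format-string bug class shared by DSA-066 (the printf in cfingerd's config/user-file reader) and DSA-061 (GnuPG's do_get() prompt that embedded the file name), as one added C example that is neither project's code: the vulnerable shape, in which an attacker-chosen string becomes the format, beside the constant-format fix, plus a small audit helper that counts the directives such a string would inject. The prompt text, file names and buffer sizes are assumptions made for the example.

```c
/* Added example, not cfingerd or GnuPG code, of the bug class behind
 * DSA-066 (a printf in cfingerd's config/user-file reader) and DSA-061
 * (GnuPG's do_get() prompt built from the file name): an attacker-chosen
 * string ends up as the printf format. The prompt text, file names and
 * buffer sizes are assumptions for the example. */
#include <stdio.h>
#include <string.h>

/* Vulnerable shape, kept only for contrast and never called here: the
 * untrusted file name becomes part of the format, so "%x" in the name
 * leaks stack words and "%n" writes to memory. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
int prompt_vulnerable(char *out, size_t outsz, const char *filename)
{
    char fmt[256];
    snprintf(fmt, sizeof fmt, "Enter passphrase for %s: ", filename);
    return snprintf(out, outsz, fmt);    /* BUG: fmt contains user data */
}
#pragma GCC diagnostic pop

/* Hardened shape: the format is a constant; the name is always a %s arg. */
int prompt_safe(char *out, size_t outsz, const char *filename)
{
    return snprintf(out, outsz, "Enter passphrase for %s: ", filename);
}

/* Convenience wrapper with a static buffer for the safe prompt. */
const char *safe_prompt_static(const char *filename)
{
    static char buf[512];
    prompt_safe(buf, sizeof buf, filename);
    return buf;
}

/* Scan an untrusted string for the conversion directives it would
 * inject if it were ever used as a format. "%%" is a literal and a
 * dangling '%' is ignored; flags, width, precision and length modifiers
 * are skipped so "%08lx" counts as one directive. Returns the count and,
 * if writes is non-NULL, stores the number of "%n" (memory write)
 * directives there. */
static int scan_conversions(const char *s, int *writes)
{
    int count = 0, w = 0;
    for (const char *p = s; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')
            continue;                            /* escaped percent */
        while (*p && strchr("-+ #0123456789.*hlLqjzt", *p))
            p++;
        if (*p == '\0')
            break;                               /* dangling '%' */
        count++;
        if (*p == 'n')
            w++;
    }
    if (writes)
        *writes = w;
    return count;
}

int count_conversions(const char *s)
{
    return scan_conversions(s, NULL);
}

int count_write_directives(const char *s)
{
    int w = 0;
    scan_conversions(s, &w);
    return w;
}

int main(void)
{
    const char *name = "secret%x%n.gpg";         /* constructed hostile name */
    printf("%s\n", safe_prompt_static(name));
    printf("directives: %d, of which writes: %d\n",
           count_conversions(name), count_write_directives(name));
    return 0;
}
```

Compilers flag the vulnerable shape when asked: GCC's `-Wformat -Wformat-security` warns about a non-literal format with no arguments, which is why the example has to silence that warning around `prompt_vulnerable` to compile it at all.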
[SECURITY] [DSA-059-1] man-db symlink attack
-BEGIN PGP SIGNED MESSAGE- - Debian Security Advisory DSA-059-1 [EMAIL PROTECTED] http://www.debian.org/security/ Wichert Akkerman June 12, 2001 - Package: man-db Problem type : symlink attack Debian-specific: no Luki R. reported a bug in man-db: it did handle nested calls of drop_effective_privs() and regain_effective_privs() correctly which would cause it to regain privileges to early. This could be abused to make man create files as user man. This has been fixed in version 2.3.16-4, and we recommend that you upgrade your man-db package immediately. If you use suidmanager you can also use that to make sure man and mandb are not installed suid which protects you from this problem. This can be done with the following commands: suidregister /usr/lib/man-db/man root root 0755 suidregister /usr/lib/man-db/mandb root root 0755 Of course even when using suidmanager an upgrade is still strongly recommended. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.2 alias potato - - Potato was released for alpha, arm, i386, m68k, powerpc and sparc. 
Source archives:
  http://security.debian.org/dists/stable/updates/main/source/man-db_2.3.16-4.dsc
    MD5 checksum: 1ab2ce2ae42f04788123ca846481dfbb
  http://security.debian.org/dists/stable/updates/main/source/man-db_2.3.16-4.tar.gz
    MD5 checksum: 88449c2f090bfb620980996c78fc8193

Alpha architecture:
  http://security.debian.org/dists/stable/updates/main/binary-alpha/man-db_2.3.16-4_alpha.deb
    MD5 checksum: 4cfb3906c406b75917f9c58cb1486f36

ARM architecture:
  http://security.debian.org/dists/stable/updates/main/binary-arm/man-db_2.3.16-4_arm.deb
    MD5 checksum: 3edfbd8f52b2636ff6a5bc27f9fa1aaa

Intel IA-32 architecture:
  http://security.debian.org/dists/stable/updates/main/binary-i386/man-db_2.3.16-4_i386.deb
    MD5 checksum: 652668ab57978209225b4cce92afd7f2

Motorola 680x0 architecture:
  http://security.debian.org/dists/stable/updates/main/binary-m68k/man-db_2.3.16-4_m68k.deb
    MD5 checksum: 613fed5e773cb31ac50e8c29edfd35c5

PowerPC architecture:
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/man-db_2.3.16-4_powerpc.deb
    MD5 checksum: d70fd2e5b6df82841e628c2a7a9bca97

Sun Sparc architecture:
  http://security.debian.org/dists/stable/updates/main/binary-sparc/man-db_2.3.16-4_sparc.deb
    MD5 checksum: 02168687d2c2f72d49337b7ce14d01ca

These packages will be moved into the stable distribution on its next
revision.

For not yet released architectures please refer to the appropriate
directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

- --------------------------------------------------------------------------
apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [EMAIL PROTECTED]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBOyYqjqjZR/ntlUftAQF9vQL/f5YNbjvc5dcNUOP7GbI6iE3xXQO+zbzU
g0VUIbh1iEWhpNmhRdByRB4djxqFjekIdRyXKEozs9GMTBibiVW9nTgtsNwHb2r+
eVqn3Igu03yHmVC9ZqUW/hcLYG9ooi7X
=NDck
-----END PGP SIGNATURE-----
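The nesting bug DSA-059-1 describes, reduced to its shape, as an added example (this is not man-db's code): an outer drop_effective_privs() wraps a helper that itself drops and regains, and a regain that ignores nesting hands privileges back while the outer code still believes it is unprivileged and goes on to create a file on a user-supplied path. The fix is a depth counter so that only the outermost regain restores the saved uid. The seteuid(2) calls are replaced by a simulated effective uid, and the uid values are arbitrary assumptions, so the example runs unprivileged.

```c
/* Added example, not man-db's code: nesting-safe privilege drop/regain.
 * The setuid(2) calls are simulated with a plain variable so this runs
 * as an ordinary user; PRIV_UID and USER_UID are assumed values. */
#include <stdio.h>

#define PRIV_UID 6      /* assumed: uid of the "man" user */
#define USER_UID 1000   /* assumed: uid of the user who ran man */

/* Broken shape: regain restores privileges regardless of nesting depth. */
static int broken_euid = PRIV_UID;
void broken_drop(void)   { broken_euid = USER_UID; }   /* real code: seteuid(getuid()) */
void broken_regain(void) { broken_euid = PRIV_UID; }   /* real code: seteuid(saved)   */

/* Fixed shape: count outstanding drops; only the outermost regain restores. */
static int euid = PRIV_UID;   /* simulated effective uid */
static int drop_depth = 0;    /* number of drop calls not yet matched by a regain */

void drop_effective_privs(void)
{
    if (drop_depth++ == 0)
        euid = USER_UID;
}

void regain_effective_privs(void)
{
    if (drop_depth > 0 && --drop_depth == 0)
        euid = PRIV_UID;
}

int current_euid(void)  { return euid; }
int current_depth(void) { return drop_depth; }

/* The vulnerable call pattern: outer drop, helper drops and regains, then
 * the outer code touches a user-controlled path.  Returns the euid that is
 * actually in effect at that file operation; USER_UID is what the outer
 * code expects, PRIV_UID means the file gets created as user man. */
int euid_at_file_op_broken(void)
{
    broken_drop();            /* outer: handle untrusted input unprivileged */
    broken_drop();            /* helper drops again */
    broken_regain();          /* helper regains: privileges are back too early */
    int at_file_op = broken_euid;
    broken_regain();
    return at_file_op;
}

int euid_at_file_op_fixed(void)
{
    drop_effective_privs();
    drop_effective_privs();
    regain_effective_privs(); /* depth 2 -> 1: still unprivileged */
    int at_file_op = euid;
    regain_effective_privs(); /* depth 1 -> 0: privileges restored here */
    return at_file_op;
}

int main(void)
{
    printf("broken: euid at file op = %d (wanted %d)\n",
           euid_at_file_op_broken(), USER_UID);
    printf("fixed:  euid at file op = %d (wanted %d)\n",
           euid_at_file_op_fixed(), USER_UID);
    return 0;
}
```

The counter is the whole fix; the guard `drop_depth > 0` additionally makes a stray regain without a matching drop a no-op rather than a privilege gain.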
Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability
Previously Peter van Dijk wrote:
> crypt() passwords are never more than 8 characters - anything beyond 8
> characters is discarded.

That highly depends on the crypt implementation. The original crypt only
used 8 characters, but modern implementations can use different schemes
(md5 for example).

Wichert.

-- 
  _________________________________________________________________
 /       Nothing is fool-proof to a sufficiently talented fool       \
| [EMAIL PROTECTED]                   http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16  36B0 2805 3CB8 9250 2FA3 BC2D |
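A check that follows from this exchange, as an added example that is not part of the thread: tell the crypt schemes apart by the shape of the stored hash, since that is what decides whether the 8-character limit applies. Traditional DES crypt produces the 13-character form (2-character salt plus 11 characters, alphabet [./0-9A-Za-z]) and uses only the first 8 bytes of the password; the modular "$id$" schemes (md5crypt $1$, sha256crypt $5$, sha512crypt $6$) have no such limit, and bcrypt ($2a$/$2b$/$2y$) stops at 72 bytes. The shadow-style lines below are constructed, with placeholder hash bodies, not real accounts.

```c
/* Added example, not from the thread: classify crypt(3)-style hashes by
 * their prefix/shape and report the password-length limit each scheme
 * imposes, then count shadow entries that still truncate at 8 bytes. */
#include <stdio.h>
#include <string.h>

#define NO_LIMIT 0

struct scheme { const char *name; int max_password_bytes; };

static int is_des_char(char c)
{
    return c == '.' || c == '/' || (c >= '0' && c <= '9') ||
           (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z');
}

/* Returns the scheme for one hash field; locked ("*", "!") or unknown
 * fields come back as "other" with no limit recorded. */
struct scheme classify_hash(const char *h)
{
    struct scheme s = { "other", NO_LIMIT };
    if (strncmp(h, "$1$", 3) == 0) { s.name = "md5crypt";    return s; }
    if (strncmp(h, "$5$", 3) == 0) { s.name = "sha256crypt"; return s; }
    if (strncmp(h, "$6$", 3) == 0) { s.name = "sha512crypt"; return s; }
    if (strncmp(h, "$2a$", 4) == 0 || strncmp(h, "$2b$", 4) == 0 ||
        strncmp(h, "$2y$", 4) == 0) {
        s.name = "bcrypt"; s.max_password_bytes = 72; return s;
    }
    if (strlen(h) == 13) {                 /* traditional DES crypt shape */
        size_t i;
        for (i = 0; i < 13; i++)
            if (!is_des_char(h[i])) return s;
        s.name = "descrypt"; s.max_password_bytes = 8;
    }
    return s;
}

/* Constructed shadow-style lines; the hash bodies are placeholders in the
 * right shape, not real password hashes. */
static const char *sample_shadow[] = {
    "alice:$1$abcdefgh$0123456789abcdefghijkl:15000:0:99999:7:::",
    "bob:ab1234567890A:15000:0:99999:7:::",
    "carol:$6$saltsalt$Y0uG3tTh3Id3a.....:15000:0:99999:7:::",
    "dave:*:15000:0:99999:7:::",
    "erin:$2b$12$abcdefghijklmnopqrstuu0123456789012345678901234567890:15000::::",
};
#define SAMPLE_COUNT (sizeof sample_shadow / sizeof sample_shadow[0])

/* Counts entries whose scheme silently ignores everything past byte 8,
 * i.e. the accounts for which the "never more than 8 characters" claim
 * actually holds. */
int count_des_truncating(const char **lines, int n)
{
    int hits = 0, i;
    char field[256];
    for (i = 0; i < n; i++) {
        const char *start = strchr(lines[i], ':');   /* skip the user name */
        const char *end;
        size_t len;
        if (!start) continue;
        start++;
        end = strchr(start, ':');
        len = end ? (size_t)(end - start) : strlen(start);
        if (len >= sizeof field) continue;
        memcpy(field, start, len);
        field[len] = '\0';
        if (classify_hash(field).max_password_bytes == 8) hits++;
    }
    return hits;
}

int main(void)
{
    int n = (int)SAMPLE_COUNT;
    printf("%d of %d sample entries use 8-byte-truncating DES crypt\n",
           count_des_truncating(sample_shadow, n), n);
    return 0;
}
```

Run against a real /etc/shadow the same loop flags the accounts that should be rehashed on next login; the scheme prefix, not the length of the password the user typed, is what a defender can actually observe.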
[SECURITY] [DSA-058-1] exim printf format attack
-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory DSA-058-1                     [EMAIL PROTECTED]
http://www.debian.org/security/                         Wichert Akkerman
June 10, 2001
- ------------------------------------------------------------------------

Package        : exim
Problem type   : remote printf format attack
Debian-specific: no

Megyer Laszlo found a printf format bug in the exim mail transfer agent.
The code that checks the header syntax of an email logs an error without
protecting itself against printf format attacks. This problem has been
fixed in version 3.12-10.1. Since that code is not turned on by default a
standard installation is not vulnerable, but we still recommend that you
upgrade your exim package.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
- --------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

Source archives:
  http://security.debian.org/dists/stable/updates/main/source/exim_3.12-10.1.diff.gz
    MD5 checksum: 959d5e70c78dd0f8daf1bcb470d2851a
  http://security.debian.org/dists/stable/updates/main/source/exim_3.12-10.1.dsc
    MD5 checksum: c3ae78797cc1da77b074b91c80f21fc8
  http://security.debian.org/dists/stable/updates/main/source/exim_3.12.orig.tar.gz
    MD5 checksum: 336cd605cb121703af4f22a8c34bb333

ARM architecture:
  http://security.debian.org/dists/stable/updates/main/binary-arm/exim_3.12-10.1_arm.deb
    MD5 checksum: 8553e97eef733ab850eba6926bead792
  http://security.debian.org/dists/stable/updates/main/binary-arm/eximon_3.12-10.1_arm.deb
    MD5 checksum: 2b56110866983b0bc4828bc0e4b0b7bd

Alpha architecture:
  http://security.debian.org/dists/stable/updates/main/binary-alpha/exim_3.12-10.1_alpha.deb
    MD5 checksum: 5e304c46581e3a1e6278b6a677b8308d
  http://security.debian.org/dists/stable/updates/main/binary-alpha/eximon_3.12-10.1_alpha.deb
    MD5 checksum: b01e0f2d7986475eba02c280f5321cf2

Intel IA-32 architecture:
  http://security.debian.org/dists/stable/updates/main/binary-i386/exim_3.12-10.1_i386.deb
    MD5 checksum: d7e4c6e286fae05abfce28841dc0530e
  http://security.debian.org/dists/stable/updates/main/binary-i386/eximon_3.12-10.1_i386.deb
    MD5 checksum: 9dc3b11692b7047fef58c5a8da7741d8

Motorola 680x0 architecture:
  http://security.debian.org/dists/stable/updates/main/binary-m68k/exim_3.12-10.1_m68k.deb
    MD5 checksum: 56ccf16d58ce07217a12809fca325597
  http://security.debian.org/dists/stable/updates/main/binary-m68k/eximon_3.12-10.1_m68k.deb
    MD5 checksum: 8031e4a9a8a65a63fdc686e81af0b469

PowerPC architecture:
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/exim_3.12-10.1_powerpc.deb
    MD5 checksum: 925523b2d5cb6aa43d146aec7125d59c
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/eximon_3.12-10.1_powerpc.deb
    MD5 checksum: 9fa51619d73061c7c221bb876bf65047

Sun Sparc architecture:
  http://security.debian.org/dists/stable/updates/main/binary-sparc/exim_3.12-10.1_sparc.deb
    MD5 checksum: b13d02e8d2eb3542c8876f81051e29c7
  http://security.debian.org/dists/stable/updates/main/binary-sparc/eximon_3.12-10.1_sparc.deb
    MD5 checksum: ae8d1ac5b1b228deea25ba8a89c77d21

These packages will be moved into the stable distribution on its next
revision.

For not yet released architectures please refer to the appropriate
directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

- --------------------------------------------------------------------------
apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [EMAIL PROTECTED]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBOyK1W6jZR/ntlUftAQF3FQMAiXkoKRlL5Cvwgcmn1TL2VDvXvtgs/0YG
mvw0B8zMzUk+DfsJl94FC4lB3dclZRQl0O2SNGZbomhgOxhAxumLFUmMqLDcdOj8
Fxr6SIwKg+cWZyg3PdFGcHk2wXY64JQg
=5FTy
-----END PGP SIGNATURE-----
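The shape of the DSA-058-1 bug and of its fix, as an added example that is not exim's code: a header-syntax check builds a log message containing the offending header and then hands that message to a printf-style log routine as the format argument, so whoever wrote the mail header controls the format string. The log routine (log_write) and the header lines are assumed stand-ins. Only the well-defined "%%" conversion is fed to the vulnerable path here, which is enough to show that the header is being parsed as a format; with "%x" it would read stack and with "%n" write memory, which is the remote attack the advisory is about.

```c
/* Added example, not exim's code: vulnerable vs. fixed logging of an
 * attacker-controlled header, plus a pre-check for %-conversions. */
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define LOG_SIZE 256

/* Assumed stand-in for a printf-style log routine: formats into a buffer
 * instead of a log file so the two variants can be compared directly. */
static void log_write(char *out, size_t outsz, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(out, outsz, fmt, ap);
    va_end(ap);
}

#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
/* Vulnerable shape: the message that contains the header IS the format.
 * Every %-conversion in the header is interpreted by vsnprintf. */
void log_bad_header_vuln(char *out, size_t outsz, const char *header)
{
    char msg[LOG_SIZE];
    snprintf(msg, sizeof msg, "rejected header: %s", header);
    log_write(out, outsz, msg);        /* BUG: header text reaches the format */
}
#pragma GCC diagnostic pop

/* Fixed shape: a literal format; the header only ever travels as a %s
 * argument and is copied verbatim. */
void log_bad_header_safe(char *out, size_t outsz, const char *header)
{
    log_write(out, outsz, "rejected header: %s", header);
}

/* A check worth running on untrusted text before it gets anywhere near a
 * format function: count %-conversions, treating "%%" as a literal percent. */
int count_conversions(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        n++;
    }
    return n;
}

int main(void)
{
    /* Constructed header lines: a remote sender chooses these freely. */
    const char *benign  = "X-Progress: 100%% done";
    const char *hostile = "X-Evil: %x %x %n";
    char out[LOG_SIZE];

    log_bad_header_vuln(out, sizeof out, benign);
    printf("vuln: %s\n", out);   /* "%%" collapsed to "%": the header was parsed as a format */
    log_bad_header_safe(out, sizeof out, benign);
    printf("safe: %s\n", out);   /* header reproduced byte for byte */
    printf("hostile header carries %d conversions; never pass it as a format\n",
           count_conversions(hostile));
    return 0;
}
```

The fix is one line: keep the format literal and move the data into the argument list. The advisory's caveat applies equally to the example: the vulnerable path only matters if the header check that calls it is enabled.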
Re: Vixie cron vulnerability
Previously Kris Kennaway wrote:
> I think this is a Linux-specific enhancement to vixie cron; nothing
> remotely similar to the affected code seems to be in the FreeBSD version,
> and I thought we were using the most recent vendor version.

As the Debian advisory mentioned, this was the result of a bug in an
earlier security fix we made. As such only those who also used that other
patch are vulnerable.

Wichert.

-- 
  _________________________________________________________________
 /       Nothing is fool-proof to a sufficiently talented fool       \
| [EMAIL PROTECTED]                   http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16  36B0 2805 3CB8 9250 2FA3 BC2D |