Säkerhetsbulletin från Debian

canna server -- buffertspill

Rapporterat den:
2000-07-01
Berörda paket:
canna
Sårbara:
Ja
Referenser i säkerhetsdatabaser:
I Mitres CVE-förteckning: CVE-2000-0584.
Ytterligare information:
Canna-paketet som medföljer Debian GNU/Linux 2.1 kan attackeras utifrån och ge åtkomst. Detta kan göras genom att spilla över bufferten genom att sända SR_INIT-kommandot med ett väldigt långt användar- eller gruppnamn.

Detta har rättats i version 3.5b2-24slink1, och vi rekommenderar att du uppgraderar ditt canna-paket omedelbart.

Rättat i:
Källkod:
http://security.debian.org/dists/slink/updates/source/canna_3.5b2-24slink1.diff.gz
http://security.debian.org/dists/slink/updates/source/canna_3.5b2-24slink1.dsc
http://security.debian.org/dists/slink/updates/source/canna_3.5b2.orig.tar.gz
alpha:
http://security.debian.org/dists/slink/updates/binary-alpha/canna-utils_3.5b2-24slink1_alpha.deb
http://security.debian.org/dists/slink/updates/binary-alpha/canna_3.5b2-24slink1_alpha.deb
http://security.debian.org/dists/slink/updates/binary-alpha/libcanna1g-dev_3.5b2-24slink1_alpha.deb
http://security.debian.org/dists/slink/updates/binary-alpha/libcanna1g_3.5b2-24slink1_alpha.deb
i386:
http://security.debian.org/dists/slink/updates/binary-i386/canna-utils_3.5b2-24slink1_i386.deb
http://security.debian.org/dists/slink/updates/binary-i386/canna_3.5b2-24slink1_i386.deb
http://security.debian.org/dists/slink/updates/binary-i386/libcanna1g-dev_3.5b2-24slink1_i386.deb
http://security.debian.org/dists/slink/updates/binary-i386/libcanna1g_3.5b2-24slink1_i386.deb
m68k:
http://security.debian.org/dists/slink/updates/binary-m68k/canna-utils_3.5b2-24slink1_m68k.deb
http://security.debian.org/dists/slink/updates/binary-m68k/canna_3.5b2-24slink1_m68k.deb
http://security.debian.org/dists/slink/updates/binary-m68k/libcanna1g-dev_3.5b2-24slink1_m68k.deb
http://security.debian.org/dists/slink/updates/binary-m68k/libcanna1g_3.5b2-24slink1_m68k.deb
sparc:
http://security.debian.org/dists/slink/updates/binary-sparc/canna-utils_3.5b2-24slink1_sparc.deb
http://security.debian.org/dists/slink/updates/binary-sparc/canna_3.5b2-24slink1_sparc.deb
http://security.debian.org/dists/slink/updates/binary-sparc/libcanna1g-dev_3.5b2-24slink1_sparc.deb
http://security.debian.org/dists/slink/updates/binary-sparc/libcanna1g_3.5b2-24slink1_sparc.deb