Linux Security
    Linux Security
    Linux Security

    Debian: centericq 4.20.0

    Posted By
    Eric Romang discovered that centericq, a text-mode multi-protocol instant messenger client, creates some temporary files with predictable filenames and is hence vulnerable to symlink attacks by local attackers.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 754-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
    July 13th, 2005               
    - --------------------------------------------------------------------------
    Package        : centericq
    Vulnerability  : insecure temporary file
    Problem-Type   : local
    Debian-specific: no
    CVE ID         : CAN-2005-1914
    BugTraq ID     : 14144
    Eric Romang discovered that centericq, a text-mode multi-protocol
    instant messenger client, creates some temporary files with
    predictable filenames and is hence vulnerable to symlink attacks by
    local attackers.
    The old stable distribution (woody) is not affected by this problem.
    For the stable distribution (sarge) this problem has been fixed in
    version 4.20.0-1sarge1.
    For the unstable distribution (sid) this problem has been fixed in
    version 4.20.0-7.
    We recommend that you upgrade your centericq package.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
      Source archives:
          Size/MD5 checksum:      875 ff3553a853e9dea97f75125500f39fd6
          Size/MD5 checksum:   100900 b6a5e2debfafc7d8473fe81f0711a831
          Size/MD5 checksum:  1796894 874165f4fbd40e3be677bdd1696cee9d
      Alpha architecture:
          Size/MD5 checksum:  1650272 882581a531410fc6284a24f40aa8b237
          Size/MD5 checksum:   335678 c87e1264b7bb422de39eeff293929aa8
          Size/MD5 checksum:  1651376 a8cd3d6ac111d9f28340efa50e925269
          Size/MD5 checksum:  1650310 9f3b0d39fdda30c961247d0aa674058d
      ARM architecture:
          Size/MD5 checksum:  2185028 4fdb5947660ce1d58fbdd81af93a60e9
          Size/MD5 checksum:   335736 c335b521ca1f23e4c0c87c0957e99b26
          Size/MD5 checksum:  2185856 c093062b1c397089201a417ebd35610b
          Size/MD5 checksum:  2185088 814e779647082332701c2bdb2c1bfa2e
      Intel IA-32 architecture:
          Size/MD5 checksum:  1349542 171e9599f323d0b7032221893c05c2db
          Size/MD5 checksum:   336380 acb15387093497c5ae902128991b37e7
          Size/MD5 checksum:  1350102 37a815e05d9bb0ba1bd5d99876a80e88
          Size/MD5 checksum:  1349540 3a02ce4144ca83d843482ac2809f988e
      Intel IA-64 architecture:
          Size/MD5 checksum:  1881164 6766767f7c2d44d3023436b3a8726c27
          Size/MD5 checksum:   335720 1369e108773220fd60021709e6f7e590
          Size/MD5 checksum:  1882048 85b7af43d942cb506b59dbec6c10d3be
          Size/MD5 checksum:  1881146 a4b826076616b8b7cf52df38f0b3f601
      HP Precision architecture:
          Size/MD5 checksum:  1812254 2c988bd55387eb756552406715320117
          Size/MD5 checksum:   336436 d40ce9a6241038f93862436496818d75
          Size/MD5 checksum:  1813346 e721c733e24d1063e029612e4b569e2b
          Size/MD5 checksum:  1812310 b9bd62aa66113ea84914ab4455e49bab
      Motorola 680x0 architecture:
          Size/MD5 checksum:  1399166 7ddc0f2503ef5f2fd2bbb3e445408458
          Size/MD5 checksum:   336492 1400cd5ab6c2ff0d29456bcd9dfcc444
          Size/MD5 checksum:  1399876 612c10725c364b47a4fe40450f5510c8
          Size/MD5 checksum:  1399218 bf36275ec5ea06f9f7d557e85d826561
      Big endian MIPS architecture:
          Size/MD5 checksum:  1492958 a2bb8d172576366bec82e519e0081014
          Size/MD5 checksum:   336456 cfa56dc46a514e9aea800bb382040dde
          Size/MD5 checksum:  1493512 33f0de5ec770cc9337c8cb10aeb8c345
          Size/MD5 checksum:  1493010 a6c79e53b42b22fdd3171e73f75aead8
      Little endian MIPS architecture:
          Size/MD5 checksum:  1483074 9c1f565bdb835615b5a873a9515048d8
          Size/MD5 checksum:   335720 3dac5924736c7445985e2446df6e0bfb
          Size/MD5 checksum:  1483650 de5c2aae6952ba8729a1d5e697e1309b
          Size/MD5 checksum:  1483130 2ca921ed986f28d633cc28ddcb040c5e
      PowerPC architecture:
          Size/MD5 checksum:  1385012 94e319589b8f0512b8fb3821ab41db0a
          Size/MD5 checksum:   336420 31ec6d10723f4ea728e9a603e38abd35
          Size/MD5 checksum:  1385554 2210300e4bb99860d361a45a7e3c0626
          Size/MD5 checksum:  1385108 87855894236a34a4650e5771dfe52ca2
      IBM S/390 architecture:
          Size/MD5 checksum:  1193784 ed23ee7d6ec4213436285bd4e2c65e45
          Size/MD5 checksum:   336410 926b21a7de188e70c31c3aef62be36e8
          Size/MD5 checksum:  1194074 7304eb97bf4bf5b9d9a117565b04b152
          Size/MD5 checksum:  1193840 c6ca4ddb1b7ee6ec74b78b50b04b66f5
      Sun Sparc architecture:
          Size/MD5 checksum:  1325774 05367d08c75e216ccab84db2ce35a870
          Size/MD5 checksum:   336424 746efd83e6bde711b7260e968fcc4826
          Size/MD5 checksum:  1326572 1e59f2d8c81b409b5d63473a11af836b
          Size/MD5 checksum:  1325720 72cb751add782b3b5c1e91878506c761
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    LinuxSecurity Poll

    How are you contributing to Open Source?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    [{"id":"127","title":"I'm involved with the development of an open-source project(s).","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"128","title":"I've reported vulnerabilities I've discovered in open-source code.","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"129","title":"I've provided developers with feedback on their projects.","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"130","title":"I've helped another community member get started contributing to Open Source.","votes":"0","type":"x","order":"4","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.