Linux Security
    Linux Security
    Linux Security

    Debian: fte Multiple buffer overflow vulnerabilities

    Posted By
    This patch removes setuid root from vfte, which has a number of known buffer overflows.
    Debian Security Advisory DSA 472-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Matt Zimmerman
    April 3rd, 2004                
    - --------------------------------------------------------------------------
    Package        : fte
    Vulnerability  : several
    Problem-Type   : buffer overflows
    Debian-specific: no
    CVE Ids        : CAN-2003-0648
    Debian bug     : #203871
    Steve Kemp and Jaguar discovered a number of buffer overflow
    vulnerabilities in vfte, a version of the fte editor which runs on the
    Linux console, found in the package fte-console.  This program is
    setuid root in order to perform certain types of low-level operations
    on the console.
    Due to these bugs, setuid privilege has been removed from vfte, making
    it only usable by root.  We recommend using the terminal version (in
    the fte-terminal package) instead, which runs on any capable terminal
    including the Linux console.
    For the stable distribution (woody) these problems have been fixed in
    version 0.49.13-15woody1.
    For the unstable distribution (sid) these problems have been fixed in
    version 0.50.0-1.1.
    We recommend that you update your fte package.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
      Source archives:
          Size/MD5 checksum:      609 4ce3f8d5ce68e70d8f5800171eb3b4b2
          Size/MD5 checksum:   559912 4e35205cf4256fbac041ba290e633f30
      Alpha architecture:
          Size/MD5 checksum:    74102 83dedc8a780725dbe8073b081a653828
          Size/MD5 checksum:   199602 ab0c0c86670e4f2f64651f52f7a0403a
          Size/MD5 checksum:   122700 7be26dee16c2d2938b4f8273562c56b3
          Size/MD5 checksum:   197942 5d6ee59128a9360e1c0dc62805c0e100
          Size/MD5 checksum:   207180 b85e97f12de35cee17d68ede3e933ba2
      ARM architecture:
          Size/MD5 checksum:    71608 5e8d77bf80748f3607a99301d111c507
          Size/MD5 checksum:   150768 22e3b88059d61140e81222a043bc0e55
          Size/MD5 checksum:   122718 e99955a854dbd95537b885921d2b20b5
          Size/MD5 checksum:   148560 022486dd73f78054855e55efe3a90b3b
          Size/MD5 checksum:   156664 86d50122eb5b823bcb30a1d37ba351c5
      Intel IA-32 architecture:
          Size/MD5 checksum:    71626 16729e271bb38948ae89ba3766dc8491
          Size/MD5 checksum:   141516 1645111f30e339cbed6ef4bb13cb803f
          Size/MD5 checksum:   124322 d8fd1efd66cd696a88c6e403bdff0d2b
          Size/MD5 checksum:   140162 ff1d2c613b40834b5f23411a61560ead
          Size/MD5 checksum:   146778 385b06d99a0150e187dd98e94e29fe36
      Intel IA-64 architecture:
          Size/MD5 checksum:    78128 c6eb92920b98887390928b1655502b9d
          Size/MD5 checksum:   264434 d2ac6731be692ba2498107ef5d9cc6bc
          Size/MD5 checksum:   122696 9ae248e75e671bc03a2964e3b7bb2cae
          Size/MD5 checksum:   261032 2e18827c056d7f99993db4d0bebfe4fb
          Size/MD5 checksum:   273122 60b262caccd4290008e40cb149b8301e
      HP Precision architecture:
          Size/MD5 checksum:    73998 ac99b815a02e58311c53e1f8cb068c1c
          Size/MD5 checksum:   207580 4ac741368c8ee3c9951c038a4eec914c
          Size/MD5 checksum:   122706 d651c44366bda7660ad08b9c346c7a2e
          Size/MD5 checksum:   205592 e52154184595ef322973d5f95772863c
          Size/MD5 checksum:   214532 2e6bd1b6e35b6e5c84574495262698dc
      Motorola 680x0 architecture:
          Size/MD5 checksum:    70378 6655c66baab59b983f77f30ef3f16bb3
          Size/MD5 checksum:   126710 f69dcd049d92ff4dac8494989c5cbede
          Size/MD5 checksum:   122714 aadab6ad515ec1acfc39044cfc3d6c5b
          Size/MD5 checksum:   125352 e6c5588ebd0808b3069ac09b1a8e7c7f
          Size/MD5 checksum:   131720 2c15fec4f2e5234907a2e78f63f2cf8d
      Big endian MIPS architecture:
          Size/MD5 checksum:    71976 edf9be1182ff20fb63c34dd7bca5911d
          Size/MD5 checksum:   189068 a58b831e5b5dcce139df5243ab9cfab9
          Size/MD5 checksum:   122808 2a9de827c427cd7b44223096c1b6fa53
          Size/MD5 checksum:   186822 f68f2e7bc58495a3d7a87e449e14ea7f
          Size/MD5 checksum:   195160 47c26ca11949aad7dcbe5c7c1c6dff20
      Little endian MIPS architecture:
          Size/MD5 checksum:    71926 65757722fa2cb9df9e6139037bd7603b
          Size/MD5 checksum:   188276 8de060e1f996b7aa6847180430286c3b
          Size/MD5 checksum:   122690 f7f79c453c5b94f111a3aa73c17dc9c0
          Size/MD5 checksum:   186174 3c1cda10c450f4694a950bfb3d818876
          Size/MD5 checksum:   194628 b9bde5aa9ac546bc44dc7c3e73cc65a8
      PowerPC architecture:
          Size/MD5 checksum:    72144 f2e256f4e7802a8c65f4f0159d27851a
          Size/MD5 checksum:   153434 f6b1ad3a7e77af9daac9114f00e62b7c
          Size/MD5 checksum:   122704 20fa2128e9d5d6456cfafe399d876d9e
          Size/MD5 checksum:   151558 716c7bcdefe356a338341c08fcf4ea59
          Size/MD5 checksum:   159448 2b7e59957df4ff0d66bf46b481c0de46
      IBM S/390 architecture:
          Size/MD5 checksum:    70960 e9d119f457361dc983eab526ad826143
          Size/MD5 checksum:   149092 5012101938d0597fc421ac09c2b10c66
          Size/MD5 checksum:   122702 0a6176acf340fc75396c89d64e891675
          Size/MD5 checksum:   147520 8245176bfb3c5ffaa1aff525ddc9f50b
          Size/MD5 checksum:   155422 cca9f5f4fdafcb89bdee5afb117bf125
      Sun Sparc architecture:
          Size/MD5 checksum:    72158 26de448213afdbaf9dae2920448f7370
          Size/MD5 checksum:   142988 1612dd5fc622aeb1de19dbec8840e457
          Size/MD5 checksum:   122710 1c3903d536725137443aa9680cd3500f
          Size/MD5 checksum:   141242 0c7d30f936f0f86e11beea711977fb77
          Size/MD5 checksum:   149172 5723b04f45c2d3a8ed480c34a683af34
      These files will probably be moved into the stable distribution on
      its next revision.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and


    LinuxSecurity Poll

    Which aspect of server security are you most interested in learning more about?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"131","title":"Preventing information leakage","votes":"3","type":"x","order":"1","pct":100,"resources":[]},{"id":"132","title":"Firewall considerations","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"133","title":"Permissions ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.