Debian: 'listar' Remote buffer overflow vulnerability

    Date19 Mar 2002
    CategoryDebian
    3118
    Posted ByLinuxSecurity Advisories
    Janusz Niewiadomski and Wojciech Purczynski reported a buffer overflowin the address_match of listar (a listserv style mailing-list manager).
    
    ------------------------------------------------------------------------
    Debian Security Advisory DSA-123-1                   This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                         Wichert Akkerman
    March 19, 2002
    ------------------------------------------------------------------------
    
    
    Package        : listar
    Problem type   : remote exploit
    Debian-specific: no
    
    Janusz Niewiadomski and Wojciech Purczynski reported a buffer overflow
    in the address_match of listar (a listserv style mailing-list manager).
    
    This has been fixed in version 0.129a-2.potato1.
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    
    Debian GNU/Linux 2.2 alias potato
    ---------------------------------
    
      Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
    
    
      Source archives:
         http://security.debian.org/dists/stable/updates/main/source/listar_0.129a-2.potato1.diff.gz
          MD5 checksum: a6e40875491815afc37d351b880da632
         http://security.debian.org/dists/stable/updates/main/source/listar_0.129a-2.potato1.dsc
          MD5 checksum: c878e05868e010738c7af76126bf6f57
         http://security.debian.org/dists/stable/updates/main/source/listar_0.129a.orig.tar.gz
          MD5 checksum: 0302a199d9e5ee180c9e6e55ee7a0780
    
      Alpha architecture:
         
    http://security.debian.org/dists/stable/updates/main/binary-alpha/listar-cgi_0.129a-2.potato1_alpha.deb
          MD5 checksum: 513df9fe1518dccf2017fe153956ced6
         
    http://security.debian.org/dists/stable/updates/main/binary-alpha/listar_0.129a-2.potato1_alpha.deb
          MD5 checksum: fe8c81f9b9cda57b07aa48a6b946cbb5
    
      ARM architecture:
         
    http://security.debian.org/dists/stable/updates/main/binary-arm/listar-cgi_0.129a-2.potato1_arm.deb
          MD5 checksum: 7c24002166961b3e038b48088665841d
         http://security.debian.org/dists/stable/updates/main/binary-arm/listar_0.129a-2.potato1_arm.deb
          MD5 checksum: c6a88928d9ef5ec6297dda0f1db6eaf8
    
      Intel IA-32 architecture:
         
    http://security.debian.org/dists/stable/updates/main/binary-i386/listar-cgi_0.129a-2.potato1_i386.deb
          MD5 checksum: 51d454473b8f1ff57dc5ed5f38395dea
         
    http://security.debian.org/dists/stable/updates/main/binary-i386/listar_0.129a-2.potato1_i386.deb
          MD5 checksum: 5d0f77b0846f256fc12e69146fb9b8b6
    
      Motorola 680x0 architecture:
         
    http://security.debian.org/dists/stable/updates/main/binary-m68k/listar-cgi_0.129a-2.potato1_m68k.deb
          MD5 checksum: 593bfe2d9e25d2cb7154dcd11f5a36db
         
    http://security.debian.org/dists/stable/updates/main/binary-m68k/listar_0.129a-2.potato1_m68k.deb
          MD5 checksum: abf4288fc12d7d925cbb106aba436da2
    
      PowerPC architecture:
         
    http://security.debian.org/dists/stable/updates/main/binary-powerpc/listar-cgi_0.129a-2.potato1_powerpc.deb
          MD5 checksum: 6410a8e2aa507cfe4e55ee4324b06ec3
         
    http://security.debian.org/dists/stable/updates/main/binary-powerpc/listar_0.129a-2.potato1_powerpc.deb
          MD5 checksum: e28fd90f9ba8fd2bf1aa6605fea622cb
    
      Sun Sparc architecture:
         
    http://security.debian.org/dists/stable/updates/main/binary-sparc/listar-cgi_0.129a-2.potato1_sparc.deb
          MD5 checksum: 3a14fd7b53a0e8b25dff34ec55c4d52c
         
    http://security.debian.org/dists/stable/updates/main/binary-sparc/listar_0.129a-2.potato1_sparc.deb
          MD5 checksum: 2a45b969ef367fcbaf8bd2851df711f7
    
      These packages will be moved into the stable distribution on its next
      revision.
    
    --
    ----------------------------------------------------------------------------
    apt-get: deb  http://security.debian.org/ stable/updates main
    dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"40","type":"x","order":"1","pct":48.78,"resources":[]},{"id":"88","title":"Should be more technical","votes":"13","type":"x","order":"2","pct":15.85,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"29","type":"x","order":"3","pct":35.37,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.