Debian: mah-jong multiple vulnerabilities

    Date08 Sep 2003
    Posted ByLinuxSecurity Advisories
    Nicolas Boullis discovered two vulnerabilities in mah-jong.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 378-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Matt Zimmerman
    September 7th, 2003            
    - --------------------------------------------------------------------------
    Package        : mah-jong
    Vulnerability  : buffer overflows, denial of service
    Problem-Type   : remote
    Debian-specific: no
    CVE Ids        : CAN-2003-0705 CAN-2003-0706
    Nicolas Boullis discovered two vulnerabilities in mah-jong, a
    network-enabled game.
     - CAN-2003-0705 (buffer overflow)
       This vulnerability could be exploited by a remote attacker to
       execute arbitrary code with the privileges of the user running the
       mah-jong server.
    - - CAN-2003-0706 (denial of service)
      This vulnerability could be exploited by a remote attacker to cause
      the mah-jong server to enter a tight loop and stop responding to
    For the stable distribution (woody) these problems have been fixed in
    version 1.4-2.
    For the unstable distribution (sid) these problems have been fixed in
    version 1.5.6-2.
    We recommend that you update your mah-jong package.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
      Source archives:
          Size/MD5 checksum:      579 b473dfb32c1765f3b96a1d4897a728a5
          Size/MD5 checksum:    23814 c0465cd149b6f9bfc7f0096ab5d0d192
          Size/MD5 checksum:   259474 21cc99ddb9ae91cbe02b2119586f8860
      Alpha architecture:
          Size/MD5 checksum:   311378 0ff83a703283cad7faa06609d330d9ef
      ARM architecture:
          Size/MD5 checksum:   272324 e6974d354918f6f4d0dffa3bb3eb4b9f
      Intel IA-32 architecture:
          Size/MD5 checksum:   250012 a4f7d586918c3a712d073aa9e8e42bd5
      Intel IA-64 architecture:
          Size/MD5 checksum:   379856 b63ee72a1a2f4ac16e902ae0f8b5b3e1
      HP Precision architecture:
          Size/MD5 checksum:   286728 c4c544f15f09199b753848cb7ee417d9
      Motorola 680x0 architecture:
          Size/MD5 checksum:   234410 91682fc41ab6fb8b57ebfb09681f3180
      Big endian MIPS architecture:
          Size/MD5 checksum:   261874 977e1d059bbaca988a3cb60636e74d17
      Little endian MIPS architecture:
          Size/MD5 checksum:   261666 45e1785dd5c17dcbec971fc8024b8787
      PowerPC architecture:
          Size/MD5 checksum:   271566 5d25f219fdb987ca014775ae4ae9ee9c
      IBM S/390 architecture:
          Size/MD5 checksum:   246116 be071c93713eb1257f9a8b8225968ad8
      Sun Sparc architecture:
          Size/MD5 checksum:   269392 78b122c5b4145b039dda06d4e16cfe48
      These files will probably be moved into the stable distribution on
      its next revision.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and
    You are not authorised to post comments.

    Comments powered by CComment


    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"64","type":"x","order":"1","pct":57.14,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.39,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"33","type":"x","order":"3","pct":29.46,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.