Debian: 3.0 DSA 378-1 Critical: Mah-Jong Buffer Overflow, DoS Threats
debian
September 8, 2003
Nicolas Boullis discovered two vulnerabilities in mah-jong.
Topics Covered
Summary
Nicolas Boullis discovered two vulnerabilities in mah-jong, a
network-enabled game.
- CAN-2003-0705 (buffer overflow)
This vulnerability could be exploited by a remote attacker to
execute arbitrary code with the privileges of the user running the
mah-jong server.
- - CAN-2003-0706 (denial of service)
This vulnerability could be exploited by a remote attacker to cause
the mah-jong server to enter a tight loop and stop responding to
commands.
For the stable distribution (woody) these problems have been fixed in
version 1.4-2.
For the unstable distribution (sid) these problems have been fixed in
version 1.5.6-2.
We recommend that you update your mah-jong package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corr...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: mah-jong
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!