Debian: netkit-telnet denial of service real fix

    Date18 Oct 2004
    CategoryDebian
    2069
    Posted ByLinuxSecurity Advisories
    Michal Zalewski discovered a bug in the netkit-telnet server (telnetd) whereby a remote attacker could cause the telnetd process to free an invalid pointer.
    
    --------------------------------------------------------------------------
    Debian Security Advisory DSA 556-2                     This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                             Martin Schulze
    XXXXX 8th, 2004                          http://www.debian.org/security/faq
    --------------------------------------------------------------------------
    
    Package        : netkit-telnet
    Vulnerability  : invalid free(3)
    Problem-Type   : remote
    Debian-specific: yes
    CVE ID         : CAN-2004-0911
    Debian Bug     : 273694
    
    This is an update for DSA 556-1 which was intended to fix a denial of
    service situation in netkit-telnet but didn't.  The update for
    unstable did fix the problem.  For completeness below is the original
    advisory text:
    
      Michal Zalewski discovered a bug in the netkit-telnet server (telnetd)
      whereby a remote attacker could cause the telnetd process to free an
      invalid pointer.  This causes the telnet server process to crash,
      leading to a straightforward denial of service (inetd will disable the
      service if telnetd is crashed repeatedly), or possibly the execution
      of arbitrary code with the privileges of the telnetd process (by
      default, the 'telnetd' user).
    
      For the unstable distribution (sid) this problem has been fixed in
      version 0.17-26.
    
    For the stable distribution (woody) this problem has been fixed in
    version 0.17-18woody2.
    
    We recommend that you upgrade your netkit-telnet-ssl package.
    
    
    Upgrade Instructions
    --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    --------------------------------
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/netkit-telnet_0.17-18woody2.dsc
          Size/MD5 checksum:      602 5c4291548c60df2607baabc8af77fe88
         http://security.debian.org/pool/updates/main/n/netkit-telnet/netkit-telnet_0.17-18woody2.diff.gz
          Size/MD5 checksum:    21969 e29d25caa0138fe87b26f2fee609698d
         http://security.debian.org/pool/updates/main/n/netkit-telnet/netkit-telnet_0.17.orig.tar.gz
          Size/MD5 checksum:   133749 d6beabaaf53fe6e382c42ce3faa05a36
    
      Alpha architecture:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_alpha.deb
          Size/MD5 checksum:    84150 5cd0073e1d87493de0e9347e08b33e4c
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_alpha.deb
          Size/MD5 checksum:    45804 4f5924c6b71a716bbae5ff32aebdaee1
    
      ARM architecture:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_arm.deb
          Size/MD5 checksum:    69924 8bb25a534f053a693aa971df0e15d71f
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_arm.deb
          Size/MD5 checksum:    39618 2cfc8d96f00bb739333adf0659caceb6
    
      Intel IA-32 architecture:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_i386.deb
          Size/MD5 checksum:    70944 f8361dcb79029ba42c929a4eec1c9f2c
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_i386.deb
          Size/MD5 checksum:    38594 8619caa3b44632443cde32a032100d3f
    
      Intel IA-64 architecture:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_ia64.deb
          Size/MD5 checksum:   102740 d9839694911c708b6e76de4f41434b24
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_ia64.deb
          Size/MD5 checksum:    52486 8d7c4b6f977d5f01e93ef2437829202d
    
      HP Precision architecture:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_hppa.deb
          Size/MD5 checksum:    69972 f5eb1bcafb1306cad596edc9e177eb7d
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_hppa.deb
          Size/MD5 checksum:    43514 00b12715674693c3413dc74393d13cd7
    
      Motorola 680x0 architecture:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_m68k.deb
          Size/MD5 checksum:    67156 3a4ba0fc24b5fbdc6cd07dfe369ff051
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_m68k.deb
          Size/MD5 checksum:    37452 951df56394fe48d8b2545c9595280307
    
      Big endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_mips.deb
          Size/MD5 checksum:    80850 b2b47cef8c63aeae88939319ccffeb4a
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_mips.deb
          Size/MD5 checksum:    42610 3da3497520b9b63aa76860249ffa19a8
    
      Little endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_mipsel.deb
          Size/MD5 checksum:    80746 23cc994b10106a96da77b8b4c09db293
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_mipsel.deb
          Size/MD5 checksum:    42602 eaa443670708c98ca589e8c79b7e130d
    
      PowerPC architecture:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_powerpc.deb
          Size/MD5 checksum:    73210 279bd225fed44479f70d231244378a34
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_powerpc.deb
          Size/MD5 checksum:    40256 ded106aca9111c910eed3e0c8471f90d
    
      IBM S/390 architecture:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_s390.deb
          Size/MD5 checksum:    73160 4b6a667921fad470fc9cf2ea5a337987
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_s390.deb
          Size/MD5 checksum:    41218 25a8ed701f933546d375626adc5af142
    
      Sun Sparc architecture:
    
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_sparc.deb
          Size/MD5 checksum:    74160 ec213a37a00451e2c6d7e0ef8867acae
         http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_sparc.deb
          Size/MD5 checksum:    45324 8af7b133cbf41eafc21886bed81b1c84
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    ---------------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and  http://packages.debian.org/
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"39","type":"x","order":"1","pct":50,"resources":[]},{"id":"88","title":"Should be more technical","votes":"11","type":"x","order":"2","pct":14.1,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"28","type":"x","order":"3","pct":35.9,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.