Linux Security
Linux Security
Linux Security

Debian: New centericq packages fix arbitrary code execution

Date 03 Jun 2006
Posted By LinuxSecurity Advisories
Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1088-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
June 3rd, 2006                
- --------------------------------------------------------------------------

Package        : centericq
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2005-3863
BugTraq ID     : 15600
Debian Bug     : 340959

Mehdi Oudad and Kevin Fernandez discovered a buffer overflow in the
ktools library which is used in centericq, a text-mode multi-protocol
instant messenger client, which may lead local or remote attackers to
execute arbitrary code.

For the old stable distribution (woody) this problem has been fixed in
version 4.5.1-1.1woody2.

For the stable distribution (sarge) this problem has been fixed in
version 4.20.0-1sarge4.

For the unstable distribution (sid) this problem has been fixed in
version 4.21.0-6.

We recommend that you upgrade your centericq package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:
      Size/MD5 checksum:      603 792e9548d8f6d540c26fa0fdbdd1df57
      Size/MD5 checksum:     3827 dc51504b36a05b003de1d22c2c879223
      Size/MD5 checksum:   680625 e50121ea43a54140939b7bec8efdefe0

  Alpha architecture:
      Size/MD5 checksum:   868742 1e533bd67111dbaca069ec6a7e9122ec

  ARM architecture:
      Size/MD5 checksum:   809068 400376da91c99a970032220e39de0c73

  Intel IA-32 architecture:
      Size/MD5 checksum:   648950 4b30966a06e54085bbb8db33f03beeca

  Intel IA-64 architecture:
      Size/MD5 checksum:   930922 f8aaa7129fb4ffc5de2468662166db5f

  HP Precision architecture:
      Size/MD5 checksum:   821294 79ffab208975e12fb264cbb4ef36c6b3

  Motorola 680x0 architecture:
      Size/MD5 checksum:   612174 969fff39d5249b24d5c711cc312a92d4

  Big endian MIPS architecture:
      Size/MD5 checksum:   649086 11f73ccf6f59687b0e9f4eb2d939fc93

  Little endian MIPS architecture:
      Size/MD5 checksum:   634462 2a54c83a7a9f5a47495e7d608d2705bd

  PowerPC architecture:
      Size/MD5 checksum:   633210 21767275a156aa5309d2febe03e395db

  IBM S/390 architecture:
      Size/MD5 checksum:   534764 483dda7f47f832ef50ae50a721164e62

  Sun Sparc architecture:
      Size/MD5 checksum:   617338 1eeee2554ee66d37458909aea51e0b18

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:
      Size/MD5 checksum:      851 347a8183b403014c403f1757f353e436
      Size/MD5 checksum:   106308 ee5a0e2b155ab6ee35c7be04941cb574
      Size/MD5 checksum:  1796894 874165f4fbd40e3be677bdd1696cee9d

  Alpha architecture:
      Size/MD5 checksum:  1650570 6addf20af3c5fce5003cfcd998c88dad
      Size/MD5 checksum:   336024 cabf30b626c0b1ffc7adc474e650b0da
      Size/MD5 checksum:  1651594 c9b361454f6ed7546d6b7fcfb417c420
      Size/MD5 checksum:  1650632 414f32a3fee64fcfe7b98365d64486f1

  AMD64 architecture:
      Size/MD5 checksum:  1355518 6bc3845c82740d0b089337dd3068078e
      Size/MD5 checksum:   336006 6eee21ecd6ee4600813192d98ca172e7
      Size/MD5 checksum:  1355798 226ae854f90219c9cc8c662b9be2e903
      Size/MD5 checksum:  1355566 27d8db8b20503f0527e558846b20ebbb

  ARM architecture:
      Size/MD5 checksum:  2185394 bf00243e825f49f26585f547cec1f404
      Size/MD5 checksum:   336028 ce7a340b924cb1ab7a571fdc0c301945
      Size/MD5 checksum:  2186140 adf229a4553875379348b1688f910678
      Size/MD5 checksum:  2185460 7375a4503258d1fcb9d4f03d34b54cf4

  Intel IA-32 architecture:
      Size/MD5 checksum:  1348826 1f8a99153aa93509805a95eedfb1e493
      Size/MD5 checksum:   335880 51caf40c0a4cb709ed257453e46fcc74
      Size/MD5 checksum:  1349608 2b46f86353b8b1323e6776c23c434750
      Size/MD5 checksum:  1348924 608dd61bfbb98d99867eefabcccbbbae

  Intel IA-64 architecture:
      Size/MD5 checksum:  1881388 88f88e10e529a68cfb6ebd2d9ce76fb2
      Size/MD5 checksum:   335984 577780bd2cf3fffd54f985dfe71c9b28
      Size/MD5 checksum:  1882292 9d43ae3452ed00c896882a40f4e2b21f
      Size/MD5 checksum:  1881456 a5350a5fe409bfc0545ce0d3b6201e99

  HP Precision architecture:
      Size/MD5 checksum:  1812604 ba840154c90fa7fd5c5d27f629a4e7d0
      Size/MD5 checksum:   336684 49cbe7f7dacb8774e60cde1c436647eb
      Size/MD5 checksum:  1813616 3a3358848c14c28e63a317a87111bcf5
      Size/MD5 checksum:  1812646 d4d53c94a0670042863ba66bf822c8af

  Motorola 680x0 architecture:
      Size/MD5 checksum:  1399506 050350f784fa16edc990a0af9094d360
      Size/MD5 checksum:   336772 ff95d538d955d3f3a29c2b1b76b1629b
      Size/MD5 checksum:  1400204 6787c44b90c3e24a2e550661f2070024
      Size/MD5 checksum:  1399546 960a182de7c92c96153f95f7858288b6

  Big endian MIPS architecture:
      Size/MD5 checksum:  1493242 45baa39468c703cebbb3e7135992fe08
      Size/MD5 checksum:   336704 aa4c66a0022918403b8b5725f888f1f9
      Size/MD5 checksum:  1493744 7758a3e4853e9735bddceecdde402a37
      Size/MD5 checksum:  1493310 3b92ec1941f96ba976c7c98824231566

  Little endian MIPS architecture:
      Size/MD5 checksum:  1483388 bf669f331a7becc56851b41c70f0dbcf
      Size/MD5 checksum:   336048 7a7ecf280bc1d03e79af0cfa794ddb9a
      Size/MD5 checksum:  1483970 c3cd579d088ad124053bd73a2633a470
      Size/MD5 checksum:  1483438 7d1493bfa167fd7f7644232e215fad7f

  PowerPC architecture:
      Size/MD5 checksum:  1386192 92d2bce7027d47f82e68f50a2a54892f
      Size/MD5 checksum:   336702 8cab14ba1f096f2e2588120b5cf06e97
      Size/MD5 checksum:  1386680 58e198a5b828b1abb309630ecf966bf7
      Size/MD5 checksum:  1386242 8e54c9ce0432cebc1c9f95001d6edb15

  IBM S/390 architecture:
      Size/MD5 checksum:  1194054 20c8220d71c45fc511d363fd434e88eb
      Size/MD5 checksum:   336668 078e0cf4a6ba1e74668f7f8cf04adb0d
      Size/MD5 checksum:  1194422 49ac26d59e6c572f38dfdd061945fa36
      Size/MD5 checksum:  1194088 5eb550e0f1d026c258ad84f7ef7f680e

  Sun Sparc architecture:
      Size/MD5 checksum:  1326004 a7db40a610eb3b6dcfe96a5909cc8313
      Size/MD5 checksum:   336682 f28c264b6cedbf41aaf46e32f7bb7c12
      Size/MD5 checksum:  1327028 044779001762380ee8a32bcc1193ea12
      Size/MD5 checksum:  1326022 3084bf7ba7146a24608d84796a9c50eb

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"43","type":"x","order":"1","pct":81.13,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"5","type":"x","order":"2","pct":9.43,"resources":[]},{"id":"181","title":"Hardly ever","votes":"5","type":"x","order":"3","pct":9.43,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.