Linux Security
    Linux Security
    Linux Security

    Debian: New xmcd packages fix denial of service

    Date 02 Jun 2006
    5546
    Posted By LinuxSecurity Advisories
    The xmcdconfig creates directories world-writeable allowing local users to fill the /usr and /var partition and hence cause a denial of service. This problem has been half-fixed since version 2.3-1.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1086-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                             Martin Schulze
    June 2nd, 2006                          https://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : xmcd
    Vulnerability  : design flaw
    Problem type   : local
    Debian-specific: no
    CVE ID         : CVE-2006-2542
    Debian Bug     : 366816
    
    The xmcdconfig creates directories world-writeable allowing local
    users to fill the /usr and /var partition and hence cause a denial of
    service.  This problem has been half-fixed since version 2.3-1.
    
    For the old stable distribution (woody) this problem has been fixed in
    version 2.6-14woody1.
    
    For the stable distribution (sarge) this problem has been fixed in
    version 2.6-17sarge1.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 2.6-18.
    
    We recommend that you upgrade your xmcd package.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given at the end of this advisory:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1.dsc
          Size/MD5 checksum:      619 42038224877b80e57969e82e14a6ee5a
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1.diff.gz
          Size/MD5 checksum:    19169 3144b9f7dc78b1a0a668eff06ded3b08
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6.orig.tar.gz
          Size/MD5 checksum:   553934 ce3208e21d8e37059e44ce9310d08f5f
    
      Alpha architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-14woody1_alpha.deb
          Size/MD5 checksum:    65648 d4beba33b15cdef57c315666e9dbeaf3
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1_alpha.deb
          Size/MD5 checksum:   458520 da2013cefff5009ed770397ea7cf23fe
    
      ARM architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-14woody1_arm.deb
          Size/MD5 checksum:    60464 2a9f06c9a2f888ea56ac62bdfe2eb05e
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1_arm.deb
          Size/MD5 checksum:   378038 932f832766a947aac29d9b40f2f8a026
    
      Intel IA-32 architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-14woody1_i386.deb
          Size/MD5 checksum:    58970 506435aef6b9a12c0715e73dea67eefd
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1_i386.deb
          Size/MD5 checksum:   324960 2eba0f70812dada62ec2fb3f3b054318
    
      Intel IA-64 architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-14woody1_ia64.deb
          Size/MD5 checksum:    66140 6d3eff9fdf1d9c6052c9554bc4dd584a
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1_ia64.deb
          Size/MD5 checksum:   543700 dce5ff73c754b4425fe642117a52f5fa
    
      HP Precision architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-14woody1_hppa.deb
          Size/MD5 checksum:    60954 f48d59a10a2891bdb1842da42fe0b0f4
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1_hppa.deb
          Size/MD5 checksum:   406294 2b12245768fce9c5f57cc4a8818ea1be
    
      Motorola 680x0 architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-14woody1_m68k.deb
          Size/MD5 checksum:    58890 ce57236e978ed6310d23cf1cfede3224
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1_m68k.deb
          Size/MD5 checksum:   309832 0de1924af1c4981505849da8e6b8c7af
    
      Big endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-14woody1_mips.deb
          Size/MD5 checksum:    61476 8a4dcea7adbfb4a1c3294a2622e05d15
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1_mips.deb
          Size/MD5 checksum:   377170 91d622c19970fe0dcda24f63e85c7350
    
      Little endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-14woody1_mipsel.deb
          Size/MD5 checksum:    61436 27eaa3e4c2365f2e4b49c526acc3df00
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1_mipsel.deb
          Size/MD5 checksum:   378122 c9b63596911f83c72a4c9b7fbd01abf0
    
      PowerPC architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-14woody1_powerpc.deb
          Size/MD5 checksum:    60998 74e9b62e02f69db4dfedab57100904dd
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1_powerpc.deb
          Size/MD5 checksum:   364402 28547836494d0142a84c2bf58888c6bf
    
      IBM S/390 architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-14woody1_s390.deb
          Size/MD5 checksum:    59818 8d3d1ca6ff1fd1ceb32c42b73d4fe3bb
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1_s390.deb
          Size/MD5 checksum:   347966 dd3cc13ee026156516f315b77cb1f06b
    
      Sun Sparc architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-14woody1_sparc.deb
          Size/MD5 checksum:    62724 597ddc3fe6e1c56a3ecb78e2b46c7fd4
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-14woody1_sparc.deb
          Size/MD5 checksum:   361214 e93e33fe714c4b5429eb7a2bce8ba0ea
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1.dsc
          Size/MD5 checksum:      619 25a530a0383c4ab2cbc2d23a6c95d5f2
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1.diff.gz
          Size/MD5 checksum:    20482 d9ce89eebe6f068df0c1d49eacc0bb4b
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6.orig.tar.gz
          Size/MD5 checksum:   553934 ce3208e21d8e37059e44ce9310d08f5f
    
      Alpha architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_alpha.deb
          Size/MD5 checksum:    62480 d99e5ad3da64edbfbc6a9e5c610683e1
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_alpha.deb
          Size/MD5 checksum:   452252 19bf881ff9a11a1d398d97ef2158f07c
    
      AMD64 architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_amd64.deb
          Size/MD5 checksum:    60974 d14a6718ad2f95983d0af699aa585df2
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_amd64.deb
          Size/MD5 checksum:   375978 1064343cbef2794c637ce6431935280b
    
      ARM architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_arm.deb
          Size/MD5 checksum:    60052 870eb636eb62c6b3d5fc310d82e9ae2c
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_arm.deb
          Size/MD5 checksum:   363752 cf23e90fa86d845a66c297a12de2c887
    
      Intel IA-32 architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_i386.deb
          Size/MD5 checksum:    59976 95f0064a7b485df46d6275e3ba98b28e
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_i386.deb
          Size/MD5 checksum:   347032 2e5dfd037ca6a7d7e7ef77fa5b3cdd6a
    
      Intel IA-64 architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_ia64.deb
          Size/MD5 checksum:    64146 9cf8c9c4c9aa5a6bf8da06ff9079e4df
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_ia64.deb
          Size/MD5 checksum:   521072 6759905bab7f05d9cba71fa19b7b971d
    
      HP Precision architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_hppa.deb
          Size/MD5 checksum:    61618 578d619050afd48ba63fbb103a443673
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_hppa.deb
          Size/MD5 checksum:   399428 b7c61aa93ff2efd42cb4375940b675df
    
      Motorola 680x0 architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_m68k.deb
          Size/MD5 checksum:    59428 a95f8b6d48635de344faf79d8dce01f5
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_m68k.deb
          Size/MD5 checksum:   311534 313f9f8e4db059b0c58bc37ef61fe6cd
    
      Big endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_mips.deb
          Size/MD5 checksum:    61656 35c929f75f4ab0989ab7fe94afe08a3d
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_mips.deb
          Size/MD5 checksum:   379520 57b63417bfb1d07afb79767268e56022
    
      Little endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_mipsel.deb
          Size/MD5 checksum:    61688 63b48f033d11adeb78d933e36ad0a904
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_mipsel.deb
          Size/MD5 checksum:   381286 0e05464ae0243e4c6abfa50d21bf032c
    
      PowerPC architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_powerpc.deb
          Size/MD5 checksum:    60740 5bfc0950afeb05321af3623f90b015e4
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_powerpc.deb
          Size/MD5 checksum:   372902 e1706bbfe5c2e920465f339824c3639a
    
      IBM S/390 architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_s390.deb
          Size/MD5 checksum:    60742 95dcd70b6713309c6f0d57017b024ed7
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_s390.deb
          Size/MD5 checksum:   364676 0e28c9bf8c98276469af3b7a906f9c39
    
      Sun Sparc architecture:
    
        https://security.debian.org/pool/updates/main/x/xmcd/cddb_2.6-17sarge1_sparc.deb
          Size/MD5 checksum:    59944 6057d32cd180068884fa63923163cc92
        https://security.debian.org/pool/updates/main/x/xmcd/xmcd_2.6-17sarge1_sparc.deb
          Size/MD5 checksum:   354052 51387f66a75f9ab56fa036b970ace931
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb https://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    I agree with Linus Torvalds - Apple's new M1-powered laptops should run on Linux.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/45-i-agree-with-linus-torvalds-apple-s-new-m1-powered-laptops-should-run-on-linux?task=poll.vote&format=json
    45
    radio
    [{"id":"158","title":"True","votes":"18","type":"x","order":"1","pct":3.5,"resources":[]},{"id":"159","title":"False","votes":"496","type":"x","order":"2","pct":96.5,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.