Debian: omega-rpg buffer overflow vulnerability

    Date11 Nov 2003
    CategoryDebian
    2614
    Posted ByLinuxSecurity Advisories
    Steve Kemp discovered a buffer overflow in the commandline andenvironment variable handling of omega-rpg.
    
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 400-1                     This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                             Martin Schulze
    November 11th, 2003                      http://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : omega-rpg
    Vulnerability  : buffer overlow
    Problem-Type   : local
    Debian-specific: no
    CVE Id         : CAN-2003-0932
    
    Steve Kemp discovered a buffer overflow in the commandline and
    environment variable handling of omega-rpg, a text-based rogue-style
    game of dungeon exploration, which could lead a local attacker to gain
    unauthorised access to the group games.
    
    For the stable distribution (woody) this problem has been fixed in
    version 0.90-pa9-7woody1.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 0.90-pa9-11.
    
    We recommend that you upgrade your omega-rpg package.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1.dsc
          Size/MD5 checksum:      616 ec09d79e6db8d2a26b2419118c82b6d9
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1.diff.gz
          Size/MD5 checksum:     9264 9a1c91a88685a9a3ebbd3d303d9af458
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9.orig.tar.gz
          Size/MD5 checksum:   425670 decf9c9c5e217a243d87c5693069016f
    
      Alpha architecture:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_alpha.deb
          Size/MD5 checksum:   433086 e0b2fab139c48fd165856261346509ea
    
      ARM architecture:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_arm.deb
          Size/MD5 checksum:   329224 8821937e31ffdeb13ca7707be44f2ee2
    
      Intel IA-32 architecture:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_i386.deb
          Size/MD5 checksum:   313176 5f6e8d376c2dcf9eec749a6589410090
    
      Intel IA-64 architecture:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_ia64.deb
          Size/MD5 checksum:   499828 aa1d2895cf9bf64ee15e4632286f819c
    
      HP Precision architecture:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_hppa.deb
          Size/MD5 checksum:   367390 bf3008b562d94d34af03cbcecc90e99f
    
      Motorola 680x0 architecture:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_m68k.deb
          Size/MD5 checksum:   295016 70d31cc87a332a44155ef356ad8e41b5
    
      Big endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_mips.deb
          Size/MD5 checksum:   373454 39d6c1c8570fe8aae62a9c7e1c970c6a
    
      Little endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_mipsel.deb
          Size/MD5 checksum:   372138 c21602808847f8edf799d7ee4e562899
    
      PowerPC architecture:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_powerpc.deb
          Size/MD5 checksum:   355306 3b6e082c0568bc3e090b017d1366bf97
    
      IBM S/390 architecture:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_s390.deb
          Size/MD5 checksum:   330438 90c057f921d7861f3a511b684d22a630
    
      Sun Sparc architecture:
    
         http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_sparc.deb
          Size/MD5 checksum:   347386 40762ef4e8f790f1260c7c84bfd24809
    
    
      These files will probably be moved into the stable distribution on
      its next revision.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and  http://packages.debian.org/
    
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"40","type":"x","order":"1","pct":48.78,"resources":[]},{"id":"88","title":"Should be more technical","votes":"13","type":"x","order":"2","pct":15.85,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"29","type":"x","order":"3","pct":35.37,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.