Debian Security Advisory: mtr

    Date09 Mar 2000
    CategoryDebian
    2973
    Posted ByLinuxSecurity Advisories
    The version of mtr as distributed in Debian GNU/Linux 2l1 (aka slink) did not drop root privileges correctly. While there are no known exploits it is conceivable that a weakness in gtk or ncurses could be used to exploit this. Debian Security Advisory This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/ Wichert Akkerman
    March 9, 2000
    Package: mtr
    Vulnerability type: possible local exploit
    Debian-specific: no

    The version of mtr as distributed in Debian GNU/Linux 2l1 (aka slink) did not drop root privileges correctly. While there are no known exploits it is conceivable that a weakness in gtk or ncurses could be used to exploit this.

    This has been fixed in version 0.28-1, and we recommend that you upgrade your mtr package.

    wget url
    will fetch the file for you
    dpkg -i file.deb
    will install the referenced file.

    Debian GNU/Linux 2.1 alias slink


    This version of Debian was released only for Intel ia32, the Motorola 680x0, the alpha and the Sun sparc architecture.

    Source archives:
    http://security.debian.org/dists/stable/updates/source/mtr_0.28-1.diff.gz
    MD5 checksum: a4fd6dbcc3b50914299b5de93d4b4ce8
    http://security.debian.org/dists/stable/updates/source/mtr_0.28-1.dsc
    MD5 checksum: 4570f1d02c68225e5819c0d41a9efb45
    http://security.debian.org/dists/stable/updates/source/mtr_0.28.orig.tar.gz
    MD5 checksum: 40074f51f01fbd295f330401175f9223

    Alpha architecture:
    http://security.debian.org/dists/stable/updates/binary-alpha/mtr_0.28-1_alpha.deb
    MD5 checksum: 2aafabb8fe0e618030cdd5a5cab20769

    Intel ia32 architecture:
    http://security.debian.org/dists/stable/updates/binary-i386/mtr_0.28-1_i386.deb
    MD5 checksum: b1f0fdfa4d213531bd613b69ebe62b14

    Motorola 680x0 architecture:
    http://security.debian.org/dists/stable/updates/binary-m68k/mtr_0.28-1_m68k.deb
    MD5 checksum: 6c2089822ed8283885ccd6ab3564bf08

    Sun Sparc architecture:
    http://security.debian.org/dists/stable/updates/binary-sparc/mtr_0.28-1_sparc.deb
    MD5 checksum: 024ee70deac4dcb0a78b2cb5eedd287e

    These files will be moved into
    ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.

    For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .


    For apt-get: deb http://security.debian.org/ stable updates
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"25","type":"x","order":"1","pct":55.56,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":11.11,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"15","type":"x","order":"3","pct":33.33,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.