Linux Security
    Linux Security
    Linux Security

    Debian: tetex-bin arbitrary code execution

    Date 25 Nov 2004
    3757
    Posted By LinuxSecurity Advisories
    Chris Evans discovered several integer overflows in xpdf, that are also present in tetex-bin, binary files for the teTeX distribution, which can be exploited remotely by a specially crafted PDF document and lead to the execution of arbitrary code.
    
    --------------------------------------------------------------------------
    Debian Security Advisory DSA 599-1                     This email address is being protected from spambots. You need JavaScript enabled to view it. 
    https://www.debian.org/security/                             Martin Schulze
    November 25th, 2004                      https://www.debian.org/security/faq
    --------------------------------------------------------------------------
    
    Package        : tetex-bin
    Vulnerability  : integer overflows
    Problem-Type   : remote
    Debian-specific: no
    CVE ID         : CAN-2004-0888
    Debian Bug     : 278298
    
    Chris Evans discovered several integer overflows in xpdf, that are
    also present in tetex-bin, binary files for the teTeX distribution,
    which can be exploited remotely by a specially crafted PDF document
    and lead to the execution of arbitrary code.
    
    For the stable distribution (woody) these problems have been fixed in
    version 20011202-7.3.
    
    For the unstable distribution (sid) these problems have been fixed in
    version 2.0.2-23.
    
    We recommend that you upgrade your tetex-bin packages.
    
    
    Upgrade Instructions
    --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    --------------------------------
    
      Source archives:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3.dsc
          Size/MD5 checksum:      874 0774ffbc5e428a21939d7d10070ef12b
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3.tar.gz
          Size/MD5 checksum: 10329770 9ffa7015b10981c3524e8d6147f2c077
    
      Alpha architecture:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_alpha.deb
          Size/MD5 checksum:    84664 7b82ef947ccbd60c57e31fa1cdbceeae
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_alpha.deb
          Size/MD5 checksum:    53042 e14d212ec7d9a21859b443ea11210d12
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_alpha.deb
          Size/MD5 checksum:  4568870 d8a00aedde830f02a46f70ae97bcdfbc
    
      ARM architecture:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_arm.deb
          Size/MD5 checksum:    65256 c7fb486f0e58d6f90a080313ade6d980
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_arm.deb
          Size/MD5 checksum:    43610 acf504677a35232f075cb6368cb73c4f
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_arm.deb
          Size/MD5 checksum:  3703874 25b4e1d62d2b010382bb74e610f7de32
    
      Intel IA-32 architecture:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_i386.deb
          Size/MD5 checksum:    62598 6c11adfac9cbe8007aa89fa91bef57da
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_i386.deb
          Size/MD5 checksum:    40742 afda3a9de40083b9fb4a9d92a57749f3
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_i386.deb
          Size/MD5 checksum:  3137234 898331b25326db5114be3fde93b191d1
    
      Intel IA-64 architecture:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_ia64.deb
          Size/MD5 checksum:    89716 c18229e93ad1bcd55a4baf9236798545
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_ia64.deb
          Size/MD5 checksum:    63354 67c881d278113cd980dcfba6b52b2b1a
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_ia64.deb
          Size/MD5 checksum:  5598790 7e42e2710c659668fd6cb49ee73d333d
    
      HP Precision architecture:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_hppa.deb
          Size/MD5 checksum:    79336 56b55b712e71ff618a1f861fe79ec21c
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_hppa.deb
          Size/MD5 checksum:    49324 8577bdb403711604e3ff31cef86a9f1a
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_hppa.deb
          Size/MD5 checksum:  4106740 0f07a18dd4762a7d4bd5ea0881b8a80e
    
      Motorola 680x0 architecture:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_m68k.deb
          Size/MD5 checksum:    61894 645b35f6e1d139a50f2fbd33be3c985b
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_m68k.deb
          Size/MD5 checksum:    41370 7b6ce68854bf90f1914f90d386a83dcf
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_m68k.deb
          Size/MD5 checksum:  2923076 de62311a6c75ca949adf65b09c5d0722
      Big endian MIPS architecture:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_mips.deb
          Size/MD5 checksum:    75110 725f811a3b30630c84fa63137eca473d
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_mips.deb
          Size/MD5 checksum:    42380 a89bb43e57cfb784e5b9193177c7894e
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_mips.deb
          Size/MD5 checksum:  3941306 2e93d929facb57b8a3500780c00c2335
    
      Little endian MIPS architecture:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_mipsel.deb
          Size/MD5 checksum:    74908 973bf6cec0fd0f972d1e159e1565953c
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_mipsel.deb
          Size/MD5 checksum:    42592 360874783cafee5a52b11a9f34cca859
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_mipsel.deb
          Size/MD5 checksum:  3899668 a8f1b96d1cd98bbb47ab0a685d719695
    
      PowerPC architecture:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_powerpc.deb
          Size/MD5 checksum:    73942 631231dd210da928ae371d327d1d9c19
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_powerpc.deb
          Size/MD5 checksum:    45282 0452f97d7b0fa7d385c2bbe1f7f9010f
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_powerpc.deb
          Size/MD5 checksum:  3587232 c4895e69f2428a9641418ebc751fe7d3
    
      IBM S/390 architecture:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_s390.deb
          Size/MD5 checksum:    64264 a1d4534009c6c82335c5231869b921d9
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_s390.deb
          Size/MD5 checksum:    43760 ead82804aaee31f3ba40d98d6d11ed7b
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_s390.deb
          Size/MD5 checksum:  3441172 8ca00fddab7f9c3c612e6ac3db9889a4
    
      Sun Sparc architecture:
    
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_1.0.7+20011202-7.3_sparc.deb
          Size/MD5 checksum:    70710 d0e1d6a50ca4dfbe852445d6b49b1a40
         https://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_1.0.7+20011202-7.3_sparc.deb
          Size/MD5 checksum:    48748 907d98a1136cfd90f0678497728885d0
         https://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0.7+20011202-7.3_sparc.deb
          Size/MD5 checksum:  3598666 0deea34aef2ec55cb04eb8f93204d2f2
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    ---------------------------------------------------------------------------------
    For apt-get: deb  https://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and  https://packages.debian.org/
    
    

    Advisories

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/49-tis-the-season-of-giving-how-have-you-given-back-to-the-open-source-community?task=poll.vote&format=json
    49
    radio
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"11","type":"x","order":"1","pct":34.38,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":18.75,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":46.88,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.