Debian: 'uucp' Remote DoS

    Date01 Jun 2002
    CategoryDebian
    2442
    Posted ByLinuxSecurity Advisories
    An authentication agent in the uucp package does not properly terminate certain long input strings.
    
    ----------------------------------------------------------------------------
    Debian Security Advisory                                 This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                                Michael Stone
    May 27, 2002
    ----------------------------------------------------------------------------
    
    Package: uucp
    Vulnerability: remote dos
    Debian-specific: yes
    
    We have received reports that in.uucpd, an authentication agent in the
    uucp package, does not properly terminate certain long input strings.
    This has been corrected in uucp package version 1.06.1-11potato3 for
    Debian 2.2 (potato) and in version 1.06.1-18 for the upcoming (woody)
    release.
    
    We recommend you upgrade your uucp package immediately.
    
    wget url
    	will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 2.2 alias potato
    ---------------------------------
    
      Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
    
      Source archives:
         http://security.debian.org/dists/stable/updates/main/source/uucp_1.06.1-11potato3.diff.gz
          MD5 checksum: 72a754638558507ee3f1794a22133db3
         http://security.debian.org/dists/stable/updates/main/source/uucp_1.06.1-11potato3.dsc
          MD5 checksum: 549d78afae9c33422dbb325f5e2f60b9
         http://security.debian.org/dists/stable/updates/main/source/uucp_1.06.1.orig.tar.gz
          MD5 checksum: 390af5277915fcadbeee74d2f3038af9
    
      Alpha architecture:
         http://security.debian.org/dists/stable/updates/main/binary-alpha/uucp_1.06.1-11potato3_alpha.deb
          MD5 checksum: 15fac849328d57860aedf2cba8274170
    
      ARM architecture:
         http://security.debian.org/dists/stable/updates/main/binary-arm/uucp_1.06.1-11potato3_arm.deb
          MD5 checksum: 410fe766a74528e6b7564821e4b3aa7e
    
      Intel IA-32 architecture:
         http://security.debian.org/dists/stable/updates/main/binary-i386/uucp_1.06.1-11potato3_i386.deb
          MD5 checksum: 26f22db0eeed4cabad46861112d94d47
    
      Motorola 680x0 architecture:
         http://security.debian.org/dists/stable/updates/main/binary-m68k/uucp_1.06.1-11potato3_m68k.deb
          MD5 checksum: 80ce564f52e43917c7e76411adfe6206
    
      PowerPC architecture:
         http://security.debian.org/dists/stable/updates/main/binary-powerpc/uucp_1.06.1-11potato3_powerpc.deb
          MD5 checksum: 744c3a2c394a02ada9ef6c43b539fab9
    
      Sun Sparc architecture:
         http://security.debian.org/dists/stable/updates/main/binary-sparc/uucp_1.06.1-11potato3_sparc.deb
          MD5 checksum: d3ac8428c4d2f65573b0946a31234422
    
      These packages will be moved into the stable distribution on its next
      revision.
    
    
    For not yet released architectures please refer to the appropriate
    directory  ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
    
    ----------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    ----------------------------------------------------------------------
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"7","type":"x","order":"1","pct":58.33,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":25,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"2","type":"x","order":"3","pct":16.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.