Debian: 'xtokkaetama' buffer overflow

    Date08 Aug 2003
    CategoryDebian
    2407
    Posted ByLinuxSecurity Advisories
    Another buffer overflow was discovered in xtokkaetama, involving the"-nickname" command line option. This vulnerability could beexploited by a local attacker to gain gid 'games'.
    
    --------------------------------------------------------------------------
    Debian Security Advisory DSA 367-1                     This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                             Matt Zimmerman
    August 8th, 2003                         http://www.debian.org/security/faq
    --------------------------------------------------------------------------
    
    Package        : xtokkaetama
    Vulnerability  : buffer overflow
    Problem-Type   : local
    Debian-specific: no
    CVE Ids        : CAN-2003-0652
    
    Another buffer overflow was discovered in xtokkaetama, involving the
    "-nickname" command line option.  This vulnerability could be
    exploited by a local attacker to gain gid 'games'.
    
    For the current stable distribution (woody) this problem has been fixed
    in version 1.0b-6woody2.
    
    For the unstable distribution (sid) this problem is fixed in version
    1.0b-9.
    
    We recommend that you update your xtokkaetama package.
    
    Upgrade Instructions
    --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    Debian GNU/Linux 3.0 alias woody
    --------------------------------
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2.dsc
          Size/MD5 checksum:      593 eb84bec50c2115725ee1c8477bd06d1a
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2.diff.gz
          Size/MD5 checksum:     6598 e3f0f614059206a4145033da3a767990
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b.orig.tar.gz
          Size/MD5 checksum:   107487 101ee56e00f4b0b9dc10caa3e38fc826
    
      Alpha architecture:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2_alpha.deb
          Size/MD5 checksum:   112644 8adee7a174ca894b8d4f4abaa908e4e6
    
      ARM architecture:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2_arm.deb
          Size/MD5 checksum:   105516 aadcb40dad8d8b07058fb0b275bbda12
    
      Intel IA-32 architecture:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2_i386.deb
          Size/MD5 checksum:   101918 8127aeaefddc310805bb600b73aa35ff
    
      Intel IA-64 architecture:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2_ia64.deb
          Size/MD5 checksum:   123860 95516e820f6143db875fc6cb060af3b3
    
      HP Precision architecture:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2_hppa.deb
          Size/MD5 checksum:   110168 be2129764d4238f27796752ba6c186ce
    
      Motorola 680x0 architecture:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2_m68k.deb
          Size/MD5 checksum:   100736 394f476c9028fd7851bdae74cd36e21f
    
      Big endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2_mips.deb
          Size/MD5 checksum:   108042 7bd17d6e4da207b0e2cca6268f0f9107
    
      Little endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2_mipsel.deb
          Size/MD5 checksum:   107244 499d335449b1761995be6cefead1bdca
    
      PowerPC architecture:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2_powerpc.deb
          Size/MD5 checksum:   107800 14352aca4111cec66cffd68a88834b75
    
      IBM S/390 architecture:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2_s390.deb
          Size/MD5 checksum:   105076 02b177a29fd4723d3147981c044aa287
    
      Sun Sparc architecture:
    
         http://security.debian.org/pool/updates/main/x/xtokkaetama/xtokkaetama_1.0b-6woody2_sparc.deb
          Size/MD5 checksum:   109056 c781e63ec9128bf5e559457d3d43c27c
    
      These files will probably be moved into the stable distribution on
      its next revision.
    
    ---------------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and  http://packages.debian.org/
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"7","type":"x","order":"1","pct":58.33,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":25,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"2","type":"x","order":"3","pct":16.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.