Debian 2.1 nfs-server: Critical Remote Exploit Advisory
debian
December 13, 1999
The version of nfs-server that was distributed in Debian GNU/Linux 2.1 had a
buffer overflow in fh_buildpath()
Summary
The version of nfs-server that was distributed in Debian GNU/Linux 2.1 had a
buffer overflow in fh_buildpath(). It assumed that the total length of a path
would never exceed (PATH_MAX_NAME_MAX). With a read/write exported directory
people could created longes path and cause a bufferoverflow.
This has been addressed in version 2.2beta37-1slink.1, and we recommend you
upgrade your nfs-server package immediately.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.1 alias slink
This version of Debian was released only for Intel, the Motorola
680x0, the alpha and the Sun sparc architecture.
Source archives:
server_2.2beta37-1slink.1.diff.gz
MD5 checksum: 277c6daafd5b6f3947908a40761473d1
server_2.2beta37-1slink.1.dsc
MD5 checksum: c9bcdd19e29055d420e1c50dee6425d4
urce/nfs-server_2.2beta37.orig.tar.gz
MD5 checksum: afe0f88c48add25f304a387ae4fb40ba
Alpha architecture:
alpha/nfs-server_2.2beta37-...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!