Debian Essential And Critical Security Patch Updates - Page 296
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
The versions of the ISC DHCP client in debian 2.1 (slink) and debian 2.2 (potato) are vulnerable to a root exploit.
The version of wu-ftpd distributed in Debian GNU/Linux 2.1 (a.k.a. slink), as well as in the frozen (potato) and unstable (woody) distributions, is vulnerable to a remote root compromise.
The version of splitvt distributed in Debian GNU/Linux 2.1, the frozen (potato) and unstable (woody) distributions, is vulnerable to a local buffer overflow.
The version of mailx distributed in Debian GNU/Linux 2.1, the frozen (potato) and unstable (woody) distributions is vulnerable to a local buffer overflow.
Any local user can trick majordomo into executing arbitrary code or to create or write files as the majordomo user anywhere on the filesystem.
The version of mtr as distributed in Debian GNU/Linux 2l1 (aka slink) did not drop root privileges correctly. While there are no known exploits it is conceivable that a weakness in gtk or ncurses could be used to exploit this.
nmh did not check incoming mail messages properly. This could be exploited byusing carefully designed MIME headers to trick mhshow into executing arbitrary shell code. [Found on LWN]
The make package as shipped in Debian GNU/Linux 2.1 is vulnerable to arace condition that can be exploited with a symlink attack. make usedmktemp while creating temporary files in /tmp. and that is a knownpotential security hole, as documented in the man page of mktemp.
The apcd package as shipped in Debian GNU/Linux 2.1 is vulnerable to a symlink attack. If the apcd process gets a SIGUSR1 signal it will dump its status to /tmp/upsstat. However this file is not opened safely, which makes it a good target for a symlink attack. This has been fixed in version 0.6a.nr-4slink1. We recommend you upgrade your apcd package immediately.
This vulnerability exists in all distributed versions of the ftpwatch package. We recommend that you remove ftpwatch package until a corrected version is released.
Vulnerabilities have been found in the bootpd and ftp programs.
The wu-ftpd-academ and proftpd packages distributed in Debian GNU/Linux 2.0 (hamm) are vulnerable to a buffer overflow. It is possible to gain shell access to the machine, and we recommend upgrading these packages immediately.
There is an error in the way the cfengine package handles temporary files whenit runs the tidy action on homedirectories. This error makes it susceptible tosymlink attacks.
The version of samba as distributed in Debian GNU/Linux 2.1 has a couple ofsecurity problems:* a Denial-of-Service attack against nmbd was possible* it was possible to exploit smbd if you had a message command defined which used the %f or %M formatter.* smbmnt's check to see if a user is allowed to create a mount was flawed which allowed users to mount at arbitraty mountpoints in the filesystem
The version of htdig that was shipped in Debian GNU/Linux 2.1 has a problem with calling external programs to handle non-HTML documents: it calls the external program with the document as a parameter, but does not check for shell escapes. This can be exploited by creating files with filenames that include shell escapes to run arbitraty commands on the machine that runs htdig.
The version of sendmail-wide that was distributed with Debian GNU/Linux 2.1 has a slight problem in the code to regenerate the aliases database. Sendmail allowed any user to run sendmail with the -bi option to (re)initialize the aliases database. The user could then interrupt sendmail and leave the system with a broken aliases database.
The version of sendmail that was listed in the earlier advisory today was compiled with the wrong version of libc. This has been corrected in version 8.9.3-3slink1.0.1 .