security advisorybuffer overflowDebian
Steve Kemp discovered a buffer overflow in freesweep, when processingseveral environment variables. This vulnerability could be exploitedby a local user to gain gid 'games'.. - -------------------------------------------------------------------------- Debian Security Advisory DSA 391-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Matt Zimmerman September 28th, 2003 Debian -- Debian security FAQ - -------------------------------------------------------------------------- Package : freesweep Vulnerability : buffer overflow Problem-Type : local Debian-specific: no CVE Ids : CAN-2003-0828 Steve Kemp discovered a buffer overflow in freesweep, when processing several environment variables. This vulnerability could be exploited by a local user to gain gid 'games'. For the current stable distribution (woody) this problem has been fixed in version 0.88-4woody1. For the unstable distribution (sid) this problem will be fixed soon. We recommend that you update your freesweep package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: Size/MD5 checksum: 604 3b4fcb708f68923f54b4e6e9a75cdf2f Size/MD5 checksum: 23476 8aa97d3f8d182be549621937a1de34a7 Size/MD5 checksum: 72711 cfcbe96ee572d4e737da3166f20c3f85 Alpha architecture: Size/MD5 checksum: 41584 a80ee65d7609074a5fd0bb72a89d35c8 ARM architecture: Size/MD5 checksum: 3564842e0fea755cf1de15b96b6441bbca232 Intel IA-32 architecture: Size/MD5 checksum: 35920 f4d5a64504e5f47aecd81178826c9386 Intel IA-64 architecture: Size/MD5 checksum: 49758 b85c448dc51c6abf177287064e458ec2 HP Precision architecture: Size/MD5 checksum: 40832 da4299857ed94f24e99581fc8aa7c55b Motorola 680x0 architecture: Size/MD5 checksum: 33690 edf0a457199e07e44c3c7b787ab50466 Big endian MIPS architecture: Size/MD5 checksum: 37940 2a33af6b5b6fc76e67708768492d4e10 Little endian MIPS architecture: Size/MD5 checksum: 37982 3a106328946d6115590228df1112e8b3 PowerPC architecture: Size/MD5 checksum: 36332 03da264cc52ea053cfa19c96ee0a56dd IBM S/390 architecture: Size/MD5 checksum: 36576 25ba7c0f70f83c2081b7b47a74b3b579 Sun Sparc architecture: Size/MD5 checksum: 38638 f59794b6e93379516b6a2b979b4a2db8 These files will probably be moved into the stable distribution on its next revision. - --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/duzXArxCt0PiXR4RAn32AKCv+h9NNYR3R2dyCrSVd3AKAN4NtQCfSo9n qVYmZKquLntrIjwKEA7XVJ4=+tcG -----END PGP SIGNATURE----- . Debian Security Advisory DSA 391-1 outlines critical buffer overflow risk in freesweep, urging immediate update action.. freesweep buffer overflow exploit update. . Severity: Critical. LinuxSecurity.com Team
Sep 28, 2003
•Critical
Debian
Refine advisories
