security advisorymoderatebuffer overflow
Joan Calvet discovered that httrack, a utility to create local copies of websites, is vulnerable to a buffer overflow potentially allowing to execute arbitrary code when passed excessively long URLs. . - ------------------------------------------------------------------------Debian Security Advisory DSA-1626-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Thijs Kinkhorst August 01, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : httrack Vulnerability : buffer overflow Problem type : local (remote) Debian-specific: no BugTraq ID : 30425 Joan Calvet discovered that httrack, a utility to create local copies of websites, is vulnerable to a buffer overflow potentially allowing to execute arbitrary code when passed excessively long URLs. For the stable distribution (etch), this problem has been fixed in version 3.40.4-3.1+etch1. For the testing (lenny) and unstable distribution (sid), this problem has been fixed in version 3.42.3-1. We recommend that you upgrade your httrack package. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - -------------------------------Source archives: Size/MD5 checksum: 950 277074178046b94ceebefa5f5eaee9de Size/MD5 checksum: 1626176 9e4de064afc1dfcb6f50b773f8081f1c Size/MD5 checksum: 7597 005a605bfabc7f0830d8db87d3ee67fe Architecture independent packages: Size/MD5 checksum: 5166769f2c726cbc7e6f97dfeda4f8a72c8e77 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 441370 a37aaf592b7ab95fd11eeec082d4919a Size/MD5 checksum: 395946 7eea58a1b8a7d6d11501ec2e879f0167 Size/MD5 checksum: 61108 0894913629340bd559c929d07a05f19f Size/MD5 checksum: 31766 63db4ac65e705d74d1eab458b33f56e5 Size/MD5 checksum: 491618 e8a2076bb272020be529c39a53eea534 arm architecture (ARM) Size/MD5 checksum: 33424 eed7c807ccebd9db0722545849938d0f Size/MD5 checksum: 281686 1b4a63e9fea5cdbcd49eb02354fd0608 Size/MD5 checksum: 350912 9c85eea85e7bf24b734f259ecba0a303 Size/MD5 checksum: 443078 64a26f96bfb086474c47a9f37d9db15d Size/MD5 checksum: 59448 70d880740666db737ef8cbc8730e5377 hppa architecture (HP PA RISC) Size/MD5 checksum: 34180 5ac05721cb623cf7c25b9bffbc81ad6d Size/MD5 checksum: 65948 7a8fa1831ffadffab827c2a8ecc44068 Size/MD5 checksum: 321760 ee4562bcf5255b6addf8ac0b673d19fe Size/MD5 checksum: 440990 594b8679acb8e05c9b0bede368a86ad3 Size/MD5 checksum: 438154 2bc91f3ebd931a161595b2c95253d15a i386 architecture (Intel ia32) Size/MD5 checksum: 32152 4f545c6163fc8516c6d0dae9ddf6082e Size/MD5 checksum: 59458 4c81a59964535c95ccdb08916fc47f63 Size/MD5 checksum: 482448 8db927e07b642477f60cb0e4beeb2b3e Size/MD5 checksum: 438432 ae91317aa8eb3a32fdf6b5be6a3c153b Size/MD5 checksum: 365534 c38c17f82ea6b110c52d17d6a8098563 ia64 architecture (Intel ia64) Size/MD5 checksum: 92114 88d98af0e94dbe1137db57341c0d7fe3 Size/MD5 checksum: 35186 fcf89c422fdac82f9e436bd4ff13d161 Size/MD5 checksum: 736406 a4a9b2fdd5d4ba5e0147e56e39a81bb3 Size/MD5 checksum: 450002 523074d62431c05143a8db9d0d3ca8b3 Size/MD5 checksum: 501600 b0b7938e039dc12e6289353407a66f24 mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 422550 ddefd0cf52d210266bc10c1d6dfec2f1 Size/MD5checksum: 272376 f4312876c36fe9da386f7d10115cc87a Size/MD5 checksum: 438438 d37c7460ca2f4a848b4d441d90911d9a Size/MD5 checksum: 33282 5f42aacc153fda5b4feac0932455b956 Size/MD5 checksum: 64622 aa402be8bab600e6f9a7cc901e11be8b mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 417812 71a8ae7e5cf51716c6c78debc31ce6a2 Size/MD5 checksum: 64644 133bbfcee5935a205eb131dc9f363c08 Size/MD5 checksum: 33654 2b6df5a12a8f3457ee6e6353a73ed7f0 Size/MD5 checksum: 432074 ef11cd7c26b5330fbf1b744559cd8c14 Size/MD5 checksum: 271738 ee6ee78ba71e8977f4c6ad954f5356f6 powerpc architecture (PowerPC) Size/MD5 checksum: 64012 33554371d96a8d344f673f7310dbba34 Size/MD5 checksum: 556868 b313c676177281c3f6a9c38d9304a741 Size/MD5 checksum: 433912 d51594790fad947486d48a744abf2823 Size/MD5 checksum: 350286 59f98436ea6d2fe90a980fe3ce133db4 Size/MD5 checksum: 33998 1db2f2c7241c8274316c82e353213e00 s390 architecture (IBM S/390) Size/MD5 checksum: 33560 7c3edeff7fd589d901f5c1dc67468c0c Size/MD5 checksum: 371182 7ef2888222cf6fd4f2751e140fc6f77b Size/MD5 checksum: 291818 063df1d6823a3489d3d859100bbe067a Size/MD5 checksum: 432386 6f88d4af48ee49e29f548ebde7308a43 Size/MD5 checksum: 63462 f6850ab5eb5acd7a870664fef6ec520c sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 58698 128e8fa3ec781b8a4bc8cdae7438ef40 Size/MD5 checksum: 379330 865d453bb4f80590a0d267b7aa8c5a84 Size/MD5 checksum: 432042 9a9fc3e7a5db34850ed2fabf9465a214 Size/MD5 checksum: 553276 1d2d44e03ec1230a13442b4c72333906 Size/MD5 checksum: 31910 f9d4ef0ffe87192ac5410b456b9c2eaf These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The DSA-1626-1 advisory details a critical vulnerability in Httrack, a widely used website copier, highlighting a buffer overflow risk for Debian users.. Httrack Security Advisory, Buffer Overflow Risk, Debian Fix, Code Execution Threat. . Severity: Important. LinuxSecurity.com Team
Aug 01, 2008
•Important
Debian
Refine advisories
