[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

security updates webpage

I asked a couple of weeks ago about the debian security page, and said
that I'd keep one up to date if no one else wanted to. Since there still
isn't anything there, here's my (admittedly hurried) version. If people
think this is useful and want it on the website, I'll check it over more
thoroughly and send it to the webmaster. (I based this on the security
announce list, and I seem to remember some updates that didn't show up
there. I also didn't check the links very carefully, I just wanted to
put something together quickly.)

Mike Stone
Title: Debian GNU/Linux Security Information
[Debian Logo] Debian GNU/Linux
Home About Debian News Distribution Support Development Search

Security Information

The following is a list of packages with security problems reported since the release of Debian 2.0:

hylafax-doc

Date: 27 Aug 1998

Description: We have received a report that the faxsurvey script that was included in former releases of hylafax would execute arbitrary commands. Please be warned that this package doesn't contain a fix, the offending script is just removed.

Availability: Updated versions of the hylafax software were included in the Debian 2.0r1 release. These versions are also available via ftp:

cfingerd

Date: 27 Aug 1998

Description: We have received a report that a user can execute arbitrary commands from a .plan or .project file. While the option that would allow this is disabled by default the system is vulnerable if the system admin had this option enabled.

Availability: An updated version of cfingerd was released in Debian 2.0r1. This version is also available via ftp.

mutt

Date: 27 Aug 1998

Description: We have received a report from Paul Boehm stating that Mutt has an overflowable buffer in parse.c. When sending malicious mail you can execute arbitary code on the mutt running user's system. We recommend you upgrade your Mutt package immediately.

Availability: An updated version was shipped with Debian 2.0r1. This version is also available via ftp.

ncurses3.4

Date: 27 Aug 1998

Description: We have received a report that using ncurses in setuid programs will give the user a way to open arbitrary files.

Availability: An updated version was shipped with Debian 2.0r1. This version is also available via ftp.

eperl

Date: 27 Aug 1998

Description: We have received a report from Tiago Luz Pinto that the eperl package included in 2.0 misinterprets ISINDEX queries. This can lead to arbitrary Perl code being executed on the server.

Availability: An updated version of this package was released with Debian 2.0r1. This version is also available via ftp.

lpr

Date: 27 Aug 1998

Description: We have received reports that buffer overflows in lprm may allow users to gain root access to the local system. We recommend that you use the binaries from hamm or any newer release.

Availability: No versions of lpr in Debian 2.0 and later are vulnerable to this exploit.

apache

Date: 28 Aug 1998

Description: We have received a report from Dag-Erling Coidan Smørgrav who says that the apache as distributed with Debian GNU/Linux 2.0 is vulnerable to a denial of services exploit, where repeated, identical headers can consume O(n^2) memory.

Availability: An updated version of apache was included with Debian 2.0r1. This version is also available via ftp.

bsdgames

Date: 28 Aug 1998

Description: The game sail as provided by the bsdgames package contained a /tmp race. This has been fixed.

Availability: An updated version of this package was included with Debian 2.0r1. This version is also available via ftp.

seyon

Date: 29 Aug 1998

Description: We have received a report from SGI that a vulnerability has been discovered in the seyon program. This can lead to a root compromise. Any user who can execute the seyon program can exploit this vulnerability.

Availability: Since a root compromise needs an executable that runs as root we tend to believe that this needs a setuid seyon. The Seyon package as provided with Debian GNU/Linux does not run setuid root. Thus we doubt that the seyon package as provided with Debian GNU/Linux can be used to exploit root if you don't change the default behavior.

minicom

Date: 1 Sep 1998

Description: Recent messages on a computer security forum have again reported that there are buffer overflows in minicom. These can lead into root exploits if the program is installed setuid root.

Availability: Debian GNU/Linux 2.0 is not vulnerable to this exploit. The program minicom as shipped with the distribution is not installed setuid root. This is not needed on a Debian GNU/Linux system.

netstd

Date: 4 Sep 1998

Description: The Program rpc.mountd is a mount daemon that handles NFS mounts. The version as shipped with current distributions of Linux contains a buffer overflow. The overflow can be used as part of an attack to gain root access on the machine acting NFS server.

Availability: An updated version of this package is available via ftp.

bind; dnsutils

Date: 5 Sep 1998

Description: We have received reports that the nslookup and dig utilities as shipped with current distribution of Linux contain possible buffer overflows. We recommend you upgrade your bind package immediately.

Availability: Updated versions of these packages have been released via ftp.

bash, bash-builtins

Date: 9 Sep 1998

Description: We have received reports that the bash shell had a problem with very long pathnames. When a very long path was encountered bash failed to check the result of getcwd() in all places, which could be exploited.

Availability: New versions of these packages are available via ftp.

tcsh

Date: 22 Sep 1998

Description: We have found that the tcsh shell had a problem with very long pathnames. When a very long path was encountered tcsh failed to check the result of getcwd() in all places, which could be exploited.

Availability: A new version of this package has been released and is available via ftp.

Mike Stone
Last modified: Sat Oct 24 23:50:37 EDT 1998
Copyright © 1997-1998 SPI; See license terms.
Reply to: