Subject: [SECURITY] Debian not vulnerable to recent minicom exploit

To: Debian Security Announcements <debian-security-announce@lists.debian.org>
Subject: Subject: [SECURITY] Debian not vulnerable to recent minicom exploit
From: Martin Schulze <joey@kuolema.Infodrom.North.DE>
Date: Tue, 1 Sep 1998 00:07:43 +0200
Message-id: <[🔎] 19980901000743.N7484@kuolema.Infodrom.North.DE>
Reply-to: security@debian.org

Description
-----------

    Recent messages on a computer security forum have again reported
    that there are buffer overflows in minicom.  These can lead into
    root exploits if the program is installed setuid root.

Vulnerability
-------------

    Debian GNU/Linux 2.0 is *not* vulnerable to this exploit.

    The program minicom as shipped with the distribution is not
    installed setuid root.  This is not needed on a Debian GNU/Linux
    system.

--
Debian GNU/Linux    .    Security Managers    .    security@debian.org
              debian-security-announce@lists.debian.org
Christian Hudon <chrish@debian.org> . Martin Schulze <joey@debian.org>

Attachment: pgpZurLZhvEMV.pgp
Description: PGP signature

Reply to:

Prev by Date: [SECURITY] Seyon is vulnerable to a root exploit
Next by Date: [SECURITY] New versions of netstd fixes root exploit in rpc.mountd
Previous by thread: [SECURITY] Seyon is vulnerable to a root exploit
Next by thread: [SECURITY] New versions of netstd fixes root exploit in rpc.mountd
Index(es):
- Date
- Thread