Re: [SECURITY] [DSA 2373-1] inetutils security update

To: "debian-security@lists.debian.org" <debian-security@lists.debian.org>
Cc: "debian-security-announce@lists.debian.org" <debian-security-announce@lists.debian.org>
Subject: Re: [SECURITY] [DSA 2373-1] inetutils security update
From: Leonhard Minutillo <el@null2.net>
Date: Sun, 25 Dec 2011 18:49:11 +0100
Message-id: <[🔎] 7EB34931-7C99-492D-BEFF-97FB0265808A@null2.net>
In-reply-to: <87k45k7etl.fsf@mid.deneb.enyo.de>
References: <87k45k7etl.fsf@mid.deneb.enyo.de>

g dennoch 

Von meinem iPhone gesendet

Am 25.12.2011 um 18:15 schrieb Florian Weimer <fw@deneb.enyo.de>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> - -------------------------------------------------------------------------
> Debian Security Advisory DSA-2373-1                   security@debian.org
> http://www.debian.org/security/                            Florian Weimer
> December 25, 2011                      http://www.debian.org/security/faq
> - -------------------------------------------------------------------------
> 
> Package        : inetutils
> Vulnerability  : buffer overflow
> Problem type   : remote
> Debian-specific: no
> CVE ID         : CVE-2011-4862
> 
> It was discovered that the Kerberos support for telnetd contains a
> pre-authentication buffer overflow, which may enable remote attackers
> who can connect to the Telnet to execute arbitrary code with root
> privileges.
> 
> For the oldstable distribution (lenny), this problem has been fixed in
> version 2:1.5.dfsg.1-9+lenny1.
> 
> For the stable distribution (squeeze), this problem has been fixed in
> version 2:1.6-3.1+squeeze1.
> 
> For the testing distribution (wheezy) and the unstable distribution
> (sid), this problem will be fixed soon.
> 
> We recommend that you upgrade your inetutils packages.
> 
> Further information about Debian Security Advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: http://www.debian.org/security/
> 
> Mailing list: debian-security-announce@lists.debian.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> 
> iQEcBAEBAgAGBQJO91XCAAoJEL97/wQC1SS+6XcH/iiEPh9fJIlA721vvYHyJVXM
> m/YKIr1mvzf7EWBTaCGRrGeL7hb3942PsPGvDwVVI5Ewtqq3bYimERZsbA/s/pIW
> SpDyr/fWfQEpuol36b0QpkUYSlRWHRT2M7NUrmkD6mKNWq6eeYxPWoIF9luBlY3v
> 6Z+WnUGKoV3/2trx0g5o8tttNidCNjeLu/jf6b6b/owLyIT7zgNtXdiZRySWT6Sk
> 4K5/gycscLwf8XfVnyHZP1xptm8kk43BTo5d2EcqA4RkK9TuLr6IqsPMozgF5+MA
> 1T/Png7IdI33F8TpmMANVXzi2L0GmPJmAhN83uod9WtWXDvORBFZ44sYtwq1if8=
> =yGPu
> -----END PGP SIGNATURE-----
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/87k45k7etl.fsf@mid.deneb.enyo.de
>

Reply to:

Prev by Date: Re: local authentication spoofing using libnss-ldap
Next by Date: Informations
Previous by thread: Re: local authentication spoofing using libnss-ldap
Next by thread: Informations
Index(es):
- Date
- Thread