Re: [SECURITY] [DSA 2373-1] inetutils security update
g dennoch
Von meinem iPhone gesendet
Am 25.12.2011 um 18:15 schrieb Florian Weimer <fw@deneb.enyo.de>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - -------------------------------------------------------------------------
> Debian Security Advisory DSA-2373-1 security@debian.org
> http://www.debian.org/security/ Florian Weimer
> December 25, 2011 http://www.debian.org/security/faq
> - -------------------------------------------------------------------------
>
> Package : inetutils
> Vulnerability : buffer overflow
> Problem type : remote
> Debian-specific: no
> CVE ID : CVE-2011-4862
>
> It was discovered that the Kerberos support for telnetd contains a
> pre-authentication buffer overflow, which may enable remote attackers
> who can connect to the Telnet to execute arbitrary code with root
> privileges.
>
> For the oldstable distribution (lenny), this problem has been fixed in
> version 2:1.5.dfsg.1-9+lenny1.
>
> For the stable distribution (squeeze), this problem has been fixed in
> version 2:1.6-3.1+squeeze1.
>
> For the testing distribution (wheezy) and the unstable distribution
> (sid), this problem will be fixed soon.
>
> We recommend that you upgrade your inetutils packages.
>
> Further information about Debian Security Advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: http://www.debian.org/security/
>
> Mailing list: debian-security-announce@lists.debian.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iQEcBAEBAgAGBQJO91XCAAoJEL97/wQC1SS+6XcH/iiEPh9fJIlA721vvYHyJVXM
> m/YKIr1mvzf7EWBTaCGRrGeL7hb3942PsPGvDwVVI5Ewtqq3bYimERZsbA/s/pIW
> SpDyr/fWfQEpuol36b0QpkUYSlRWHRT2M7NUrmkD6mKNWq6eeYxPWoIF9luBlY3v
> 6Z+WnUGKoV3/2trx0g5o8tttNidCNjeLu/jf6b6b/owLyIT7zgNtXdiZRySWT6Sk
> 4K5/gycscLwf8XfVnyHZP1xptm8kk43BTo5d2EcqA4RkK9TuLr6IqsPMozgF5+MA
> 1T/Png7IdI33F8TpmMANVXzi2L0GmPJmAhN83uod9WtWXDvORBFZ44sYtwq1if8=
> =yGPu
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/87k45k7etl.fsf@mid.deneb.enyo.de
>
Reply to: