exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

dsa-590.txt

dsa-590.txt
Posted Nov 10, 2004
Site debian.org

Debian Security Advisory 590-1 - Khan Shirani discovered a format string vulnerability in gnats, the GNU problem report management system. This problem may be exploited to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2004-0623
SHA-256 | 003edaa09e05f34991c3b13efb82a96a16b8b67162fd2a345235220b28eb9b6c

dsa-590.txt

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 590-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 9th, 2004 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : gnats
Vulnerability : format string vulnerability
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0623
BugTraq ID : 10609
Debian Bug : 278577

Khan Shirani discovered a format string vulnerability in gnats, the
GNU problem report management system. This problem may be exploited
to execute arbitrary code.

For the stable distribution (woody) this problem has been fixed in
version 3.999.beta1+cvs20020303-2.

For the unstable distribution (sid) this problem has been fixed in
version 4.0-7.

We recommend that you upgrade your gnats package.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2.dsc
Size/MD5 checksum: 572 a50e8e6bcea84deb584a0427bfdbc96d
http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2.tar.gz
Size/MD5 checksum: 1570021 b0f7f28328e21a7ce35e3315bf2bca0b

Alpha architecture:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2_alpha.deb
Size/MD5 checksum: 1050882 f604c53e94753708ff44e533c39c43e2
http://security.debian.org/pool/updates/main/g/gnats/gnats-user_3.999.beta1+cvs20020303-2_alpha.deb
Size/MD5 checksum: 685026 6185e02fc2775180bf2c5ec11239b69a

ARM architecture:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2_arm.deb
Size/MD5 checksum: 880912 3d2662f156e638cd1a52fd609dcab941
http://security.debian.org/pool/updates/main/g/gnats/gnats-user_3.999.beta1+cvs20020303-2_arm.deb
Size/MD5 checksum: 602334 8fa0573e4f85c9363d53c6020b88ddd9

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2_i386.deb
Size/MD5 checksum: 866718 341223ed8802f9db37d635f885aeea18
http://security.debian.org/pool/updates/main/g/gnats/gnats-user_3.999.beta1+cvs20020303-2_i386.deb
Size/MD5 checksum: 592452 d02b91bae6efc9628aab7d53236c6a7b

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2_ia64.deb
Size/MD5 checksum: 1242616 2365d9b58be38a9ab75550c14aa021c0
http://security.debian.org/pool/updates/main/g/gnats/gnats-user_3.999.beta1+cvs20020303-2_ia64.deb
Size/MD5 checksum: 778954 72a9110a68fbba73b5c8ed6427ce18df

HP Precision architecture:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2_hppa.deb
Size/MD5 checksum: 983490 b5f6d8bbff6ac02830b01a4e02284e75
http://security.debian.org/pool/updates/main/g/gnats/gnats-user_3.999.beta1+cvs20020303-2_hppa.deb
Size/MD5 checksum: 652166 7c5057561328f30ec1177054ed57e638

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2_m68k.deb
Size/MD5 checksum: 822588 a539353ebf28be0523f808c1e1a4ca64
http://security.debian.org/pool/updates/main/g/gnats/gnats-user_3.999.beta1+cvs20020303-2_m68k.deb
Size/MD5 checksum: 572790 472ed96d0bbbc993e0321af5d83bf394

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2_mips.deb
Size/MD5 checksum: 975242 e11de0c1cc6e7e85321411cd1066602a
http://security.debian.org/pool/updates/main/g/gnats/gnats-user_3.999.beta1+cvs20020303-2_mips.deb
Size/MD5 checksum: 644922 85b1d1e6146c3bcdc655f1d120fc3361

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2_mipsel.deb
Size/MD5 checksum: 973682 aaf838802193112d9ec2ffaeec9ef65f
http://security.debian.org/pool/updates/main/g/gnats/gnats-user_3.999.beta1+cvs20020303-2_mipsel.deb
Size/MD5 checksum: 645350 6cc250414c90dc14ffebce38846c3cf7

PowerPC architecture:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2_powerpc.deb
Size/MD5 checksum: 909244 51c380ca38ba98a93312edfb99431da7
http://security.debian.org/pool/updates/main/g/gnats/gnats-user_3.999.beta1+cvs20020303-2_powerpc.deb
Size/MD5 checksum: 614968 dcb3e1db579471f1dabc73d8a75b52ac

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2_s390.deb
Size/MD5 checksum: 895272 649ee321f435ee1340f854387fa66c67
http://security.debian.org/pool/updates/main/g/gnats/gnats-user_3.999.beta1+cvs20020303-2_s390.deb
Size/MD5 checksum: 607174 2993bb4ebe7845926dee6641362569f2

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/g/gnats/gnats_3.999.beta1+cvs20020303-2_sparc.deb
Size/MD5 checksum: 898306 602f6382b3bef02e9d4e2a8009c46212
http://security.debian.org/pool/updates/main/g/gnats/gnats-user_3.999.beta1+cvs20020303-2_sparc.deb
Size/MD5 checksum: 608376 3f6bab03dd22a70e2007f1cb16f7b996


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBkOdYW5ql+IAeqTIRAuXrAJ9DhxYBMhOGkoeGSNH4SABTsSnSVACfWTam
vhOieU/C/dfKFmxKpkEIlp8=
=hhzi
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close