exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

dsa-602.txt

dsa-602.txt
Posted Dec 11, 2004
Site debian.org

Debian Security Advisory 602-1 - Wait.. No.. what is this? Even more potential integer overflows have been found in the GD graphics library which were not covered by security advisory DSA 589 and DSA 601. They could be exploited by a specially crafted graphic and could lead to the execution of arbitrary code on the victim's machine.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2004-0941, CVE-2004-0990
SHA-256 | 5aa52586a3e7c7fca87c947b2bcf703e4fec57e6bd5e72e8b8687fc94417c86f

dsa-602.txt

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 602-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 29th, 2004 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : libgd2
Vulnerability : integer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0941 CAN-2004-0990

More potential integer overflows have been found in the GD graphics
library which weren't covered by our security advisory DSA 591. They
could be exploited by a specially crafted graphic and could lead to
the execution of arbitrary code on the victim's machine.

For the stable distribution (woody) these problems have been fixed in
version 2.0.1-10woody2.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your libgd2 packages.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2.dsc
Size/MD5 checksum: 705 1d2cc9219ddb2b7aa2966529cf3bc9a7
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2.diff.gz
Size/MD5 checksum: 9617 1086d76096e77001fbba0f2a1c6059a8
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1.orig.tar.gz
Size/MD5 checksum: 436945 43af994a97f3300a1165ca4888176ece

Alpha architecture:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_alpha.deb
Size/MD5 checksum: 19612 d8e0f6c33ded095632f70bceff42c902
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_alpha.deb
Size/MD5 checksum: 134116 337b21a9138da8f5b9ba1b4ccf4760d0
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_alpha.deb
Size/MD5 checksum: 161990 e48689243cb8cf857aff43f54766b83f
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_alpha.deb
Size/MD5 checksum: 133478 7635ffe6ed708c1d12ff0aec06cbf1f8

ARM architecture:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_arm.deb
Size/MD5 checksum: 16678 9d87fe62796182b01405f09ef4031811
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_arm.deb
Size/MD5 checksum: 123176 b2684677aa60a8def6a771a3602d3c12
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_arm.deb
Size/MD5 checksum: 150024 a046e85434b31854f1f5c997e9c3ea27
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_arm.deb
Size/MD5 checksum: 122514 033146ae522a41a8efdca70f7dc3ecfb

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_i386.deb
Size/MD5 checksum: 16556 c0c113933c4bb677f4763689942bde11
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_i386.deb
Size/MD5 checksum: 122904 ea468d664be2a7672f4c5856ef953f56
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_i386.deb
Size/MD5 checksum: 144664 74eebdfad50dec6c551ca6409646b8e0
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_i386.deb
Size/MD5 checksum: 122354 b1e823ea997b3665e28dcd5df5d565f0

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_ia64.deb
Size/MD5 checksum: 19884 1a2a378fa128e54aab768e40c4e8cc17
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_ia64.deb
Size/MD5 checksum: 151472 6b8055f52467d9c43e38f444dd731c89
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_ia64.deb
Size/MD5 checksum: 177078 27c0631cef98d8602dfed8b772c2450a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_ia64.deb
Size/MD5 checksum: 150532 fb9c8afc9b895967ba3cae6ff2b74452

HP Precision architecture:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_hppa.deb
Size/MD5 checksum: 17726 beb91da619465a73ab4fc90935f86108
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_hppa.deb
Size/MD5 checksum: 134078 e99fe164ac8cc74d6c4c9c0d1ecc541a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_hppa.deb
Size/MD5 checksum: 158574 2f0566bb2871a391495e42627d7e705a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_hppa.deb
Size/MD5 checksum: 133518 2e55dadfe4ea416b0ec74c20680a06eb

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_m68k.deb
Size/MD5 checksum: 16438 a863dc05c5565f5359881fcc49040aeb
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_m68k.deb
Size/MD5 checksum: 119870 fe27169e9dc7b3e9413e1f4ebdf9b02b
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_m68k.deb
Size/MD5 checksum: 141724 70e95f0f20d21c495bdfc8d4dced972d
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_m68k.deb
Size/MD5 checksum: 119350 152b2d46cf82c97d75bc9ccf51e6ecc6

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_mips.deb
Size/MD5 checksum: 16444 a152fba2273b6b54ae18448ae67392c2
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_mips.deb
Size/MD5 checksum: 126318 bb4e835619a3443300586605f16fe4af
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_mips.deb
Size/MD5 checksum: 155760 002ce559170228161da9caffaf776741
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_mips.deb
Size/MD5 checksum: 125662 88899f0ae15e1ea2a11fcde9dcab0f4f

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_mipsel.deb
Size/MD5 checksum: 16368 e344c32a505c139e9789adabddb1c986
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_mipsel.deb
Size/MD5 checksum: 126540 6f260950974335ad39c57c4350e50b61
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_mipsel.deb
Size/MD5 checksum: 155890 c8c4dc6d12355235c14e6ede8011e259
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_mipsel.deb
Size/MD5 checksum: 125878 016b32057da5be715b5ebf7c5b5357a4

PowerPC architecture:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_powerpc.deb
Size/MD5 checksum: 16890 308133d8ad1da9f48ec94a3f08e70e8f
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_powerpc.deb
Size/MD5 checksum: 126636 d7690253a70b57bdc0169209b4fd7561
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_powerpc.deb
Size/MD5 checksum: 152556 65d26bd5c7ef02258bb2b06a28328699
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_powerpc.deb
Size/MD5 checksum: 125914 55f702e8918e631c1dfb72f1932624f4

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_s390.deb
Size/MD5 checksum: 17718 e38089edf1722e2cda69ace4423f1fce
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_s390.deb
Size/MD5 checksum: 126340 bbd375aeda1a9a0caca229c152efcd8e
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_s390.deb
Size/MD5 checksum: 147102 42d0dc54e0b4b75734b81d5f7c608fc6
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_s390.deb
Size/MD5 checksum: 125702 8e131f35632284e63eb28ed880a63920

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_sparc.deb
Size/MD5 checksum: 16810 63fd97e9700109cfe69266d49bb47472
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_sparc.deb
Size/MD5 checksum: 125274 d3055730f788964a930308d6be184b4d
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_sparc.deb
Size/MD5 checksum: 148672 16373aa1fe4f1afcf4e4244910b3bb4f
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_sparc.deb
Size/MD5 checksum: 124302 ee59db0d17b4222018c166805d02d2b8


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBq0b1W5ql+IAeqTIRAhlJAJ9otS96on/CoR8GqTbhcaiWE32YewCfWK+F
XP5DUA10O4828fwRWuRiF34=
=YsrM
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close