Archive : 1999 : september : debamd - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku
Новости
Debian Security Advisory




- ------------------------------------------------------------------------

Debian Security Advisory                             security@debian.org

http://www.debian.org/security/                         Wichert Akkerman

October 18, 1999

- ------------------------------------------------------------------------





The version of amd that was distributed with Debian GNU/Linux 2.1 is

vulnerable to a remote exploit. This was fixed in version 23.0slink1.

However that fix contained an error which has been fixed in version

upl102-23.slink2.



Here is the problem description from the previous fix:

  Passing a big directory name to amd its logging code would overflow a

  buffer which could be exploited. This has been fixed in version

  23.0slink1.



We recommand that you upgrade your amd package immediately.



wget url

        will fetch the file for you

dpkg -i file.deb

        will install the referenced file.



Debian GNU/Linux 2.1 alias slink

- --------------------------------



  This version of Debian was released only for Intel, the Motorola

  680x0, the alpha and the Sun sparc architecture.



  Source archives:

    http://security.debian.org/dists/stable/updates/source/amd_upl102-23.slink2.di

ff.gz

      MD5 checksum: 30a6710a9e3fb6dcf46ec7491d157807

    http://security.debian.org/dists/stable/updates/source/amd_upl102-23.slink2.ds

c

      MD5 checksum: 290f37dc51c2ed86400176fa9bef15ea

    http://security.debian.org/dists/stable/updates/source/amd_upl102.orig.tar.gz




      MD5 checksum: 76c61a893523001961437475ee2f79c5



  Intel ia32 architecture:

    http://security.debian.org/dists/stable/updates/binary-i386/amd_upl102-23.slin

k2_i386.deb

      MD5 checksum: c732a6033245daf368fc1cf77718113e



  Motorola 680x0 architecture:

    http://security.debian.org/dists/stable/updates/binary-m68k/amd_upl102-23.slin

k2_m68k.deb

      MD5 checksum: fe4f88cb3db1c18aeb132d2f60c6e732



  Sun Sparc architecture:

    http://security.debian.org/dists/stable/updates/binary-sparc/amd_upl102-23.sli

nk2_sparc.deb

      MD5 checksum: 9f05a455a3be2d237f4bcf093e1696b9