Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14088
HistoryAug 30, 2006 - 12:00 a.m.

[Full-disclosure] [SECURITY] [DSA 1163-1] New gtetrinet packages fix arbitrary code execution

2006-08-3000:00:00
vulners.com
12
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Debian Security Advisory DSA 1163-1 [email protected]
http://www.debian.org/security/ Martin Schulze
August 30th, 2006 http://www.debian.org/security/faq

Package : gtetrinet
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-3125

Michael Gehring discovered several potential out-of-bounds index
accesses in gtetrinet, a multiplayer Tetris-like game, which may allow
a remove server to execute arbitrary code.

For the stable distribution (sarge) these problems have been fixed in
version 0.7.8-1sarge2.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your gtetrinet package.

Upgrade Instructions

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2.dsc
  Size/MD5 checksum:     1458 f0e79e08b32da17b7fec81953058bfd6
http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2.diff.gz
  Size/MD5 checksum:     6536 8e5ec47971abaefe25c81eddbd08df03
http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8.orig.tar.gz
  Size/MD5 checksum:   513790 bff5b52ead863ac2ac859880abbab2c4

Alpha architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_alpha.deb
  Size/MD5 checksum:   305500 ada4429dedbe5c2a6481e2a0a7c2b8aa

AMD64 architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_amd64.deb
  Size/MD5 checksum:   295034 657a0a323a479444ed04becdd494726d

ARM architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_arm.deb
  Size/MD5 checksum:   289166 7fceb7b8fd84d2e4e4792222e1ea74bf

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_i386.deb
  Size/MD5 checksum:   291430 8e395773c184dfdb379342fc3805e9ce

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_ia64.deb
  Size/MD5 checksum:   316198 76659d5ee5072dfb30c58d9967239936

HP Precision architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_hppa.deb
  Size/MD5 checksum:   297686 c55008b4d7d679311a41a331cd3fc437

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_m68k.deb
  Size/MD5 checksum:   284212 9b70187f40dac186929be12f38c900dc

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_mips.deb
  Size/MD5 checksum:   291736 9a30091ac2ab35a65bb4f0689dca0705

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_mipsel.deb
  Size/MD5 checksum:   290484 1fc68ebb2e3ea41326500e6394c41a6e

PowerPC architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_powerpc.deb
  Size/MD5 checksum:   293458 8b005ce2049acc89205c9aa74dd3fc4f

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_s390.deb
  Size/MD5 checksum:   295194 2fc0597edcad6cc1af5d7b08c734ae08

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.7.8-1sarge2_sparc.deb
  Size/MD5 checksum:   289322 e944d44ed1aa2e9ae32d9d8571affd33

These files will probably be moved into the stable distribution on
its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/&lt;pkg&gt;

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFE9aDTW5ql+IAeqTIRAsueAKCY2HDPMsy7JRPI6QsBZBEJDDoD0QCfblE2
jQ1NIFLKDlHpIpdBCxxa3RE=
=WMbc
-----END PGP SIGNATURE-----

Related

nessus 4
openvas 6
cve 1
ubuntucve 1
debiancve 1
debian 1
gentoo 1
freebsd 1
nessus
nessus
Debian DSA-1163-1 : gtetrinet - programming error
2006-10-14 00:00:00
openSUSE 10 Security Update : gtetrinet (gtetrinet-2018)
2007-10-17 00:00:00
GLSA-200609-02 : GTetrinet: Remote code execution
2006-09-12 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200609-02 (GTetrinet)
2008-09-24 00:00:00
FreeBSD Ports: gtetrinet
2008-09-04 00:00:00
Debian Security Advisory DSA 1163-1 (gtetrinet)
2008-01-17 00:00:00
cve
cve
CVE-2006-3125
2006-08-31 21:04:00
ubuntucve
ubuntucve
CVE-2006-3125
2006-08-31 00:00:00
debiancve
debiancve
CVE-2006-3125
2006-08-31 21:04:00
debian
debian
[SECURITY] [DSA 1163-1] New gtetrinet packages fix arbitrary code execution
2006-08-30 14:29:39
gentoo
gentoo
GTetrinet: Remote code execution
2006-09-06 00:00:00
freebsd
freebsd
gtetrinet -- remote code execution
2006-08-30 00:00:00
JSON
Related for SECURITYVULNS:DOC:14088
nessus4openvas6cve1ubuntucve1debiancve1debian1gentoo1freebsd1