exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

debian.userv.txt

debian.userv.txt
Posted Jul 27, 2000
Site debian.org

Debian Security Advisory - The version of userv that was distributed with Debian GNU/Linux 2.1 had a problem in the fd swapping algorithm: it could sometimes make an out-of-bounds array reference. It is possible for local users to abuse this to carry out unauthorised actions or be able to take control for service user accounts.

tags | local
systems | linux, debian
SHA-256 | 714809e4a9e81e073e0999b21f4d27e00b008501ab642f5084bbcf66a81670f6
Download | Favorite | View

debian.userv.txt

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----

       - ------------------------------------------------------------------------
       Debian Security Advisory                             security@debian.org
       http://www.debian.org/security/                         Wichert Akkerman
       July 27, 2000
       - ------------------------------------------------------------------------


       Package        : userv
       Problem type   : local exploit
       Debian-specific: no

       The version of userv that was distributed with Debian GNU/Linux 2.1 / slink
       had a problem in the fd swapping algorithm: it could sometimes make an
       out-of-bounds array reference. It might be possible for local users
       to abuse this to carry out unauthorised actions or be able to take
       control for service user accounts.

       This has been fixed in version 1.0.1.0slink for Debian 2.1, and
       version 1.0.1.1potato for Debian 2.2 .

       We recommend you upgrade your uesrv package immediately.

       wget url
               will fetch the file for you
       dpkg -i file.deb
               will install the referenced file.

       Debian GNU/Linux 2.1 alias slink
       - --------------------------------

         This version of Debian was released only for Intel, the Motorola
         680x0, the alpha and the Sun sparc architecture.


         Source archives:
           http://security.debian.org/dists/stable/updates/source/userv_1.0.1.0slink.dsc
             MD5 checksum: 473a8fe477d20614aad97f538896969a
           http://security.debian.org/dists/stable/updates/source/userv_1.0.1.0slink.tar.gz
             MD5 checksum: 40b052547e2ea9fa69a12ee24dfe2af7                                

         Alpha architecture:
           http://security.debian.org/dists/stable/updates/binary-alpha/userv_1.0.1.0slink_alpha.deb
             MD5 checksum: 4934d1163e2e5fbb2d74d5a949089aa7                                         

         Intel ia32 architecture:                                                                                        
           http://security.debian.org/dists/stable/updates/binary-i386/userv_1.0.1.0slink_i386.deb
             MD5 checksum: ebf8d6cd431e94b6e731636d1d61440e                                       

         Motorola 680x0 architecture:
           http://security.debian.org/dists/stable/updates/binary-m68k/userv_1.0.1.0slink_m68k.deb
              MD5 checksum: b59d78066362bce1f91005891958c362                                      

         Sun Sparc architecture:
           http://security.debian.org/dists/stable/updates/binary-sparc/userv_1.0.1.0slink_sparc.deb
             MD5 checksum: ab880dac8965d99ca64044c0ef438975                                         


       Debian GNU/Linux 2.2 alias potato
       - ---------------------------------

         Please note that woody has not been released yet. However since potato
         is very close to being release security updates are already being made            
         available on security.debian.org.

         Potato will be release for alpha, arm, i386, m68k, powerpc and sparc.
         However at this moment fixes are not available for all architectures.                      
         Packages for architectures not mentioned here will be available
         shortly on security.debian.org .                                                                                


         Source archives:
           http://security.debian.org/dists/potato/updates/main/source/userv_1.0.1.1potato.dsc
             MD5 checksum: 1a92258cecdb878ddd2f58cd03bd59b1
           http://security.debian.org/dists/potato/updates/main/source/userv_1.0.1.1potato.tar.gz 
             MD5 checksum: ddf8df51026a1b880dc95f9ca04a6deb                                      

         Alpha architecture:
           http://security.debian.org/dists/potato/updates/main/binary-alpha/userv_1.0.1.1potato_alpha.deb
             MD5 checksum: 81d800fb0b29ef48f8b8bbc20e2b2ec1                                               

         Intel ia32 architecture:
           http://security.debian.org/dists/potato/updates/main/binary-i386/userv_1.0.1.1potato_i386.deb
             MD5 checksum: 82752bd8dcc7ec1e187b6d9cfe7403d0                                             

         Sun Sparc architecture:
           http://security.debian.org/dists/potato/updates/main/binary-sparc/userv_1.0.1.1potato_sparc.deb
             MD5 checksum: 019430e9ffdff374a87e0003da16b97b                                               

         These files will be moved into
         ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon. 


       For not yet released architectures please refer to the appropriate
       directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

       - --
       - ----------------------------------------------------------------------------
       For apt-get: deb http://security.debian.org/ stable updates                               
       For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates
       Mailing list: debian-security-announce@lists.debian.org

       -----BEGIN PGP SIGNATURE-----
       Version: 2.6.3ia
       Charset: noconv

       iQB1AwUBOX+hYqjZR/ntlUftAQH3jQL8DWzpNJPb0+2OzvdA8WtkSfxV9EOx+7GC                                 
       jbaaG5W9SdqAecsC0GoZ+iIe0FKgl5w9fi8cV58nQ8jIRrffge/2yNeDoiBFWa9N
       U14VykcNt4k+O57jNR9DDQ0MiNkS8O5X
       =2eI1
       -----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close