Debian: 1.2a7-11 Critical: Ntop Buffer Overflow Remote Exploit
debian
August 29, 2000
Ntop was still exploitable using bufferoverflows
Topics Covered
Summary
Package : ntop
Problem type : remote exploit
Debian-specific: no
The updated version of ntop (1.2a7-10) that was released on August 5
was found to still be insecure: it was still exploitable using buffer
overflows. Using this technique it was possible to run arbitrary code
as the user who ran ntop in web mode.
In order to permantly fix these problems an updated package has
been released that disables web mode completely. The version of
this fix is 1.2a7-11.
We recommend you upgrade or remove your ntop package immediately.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.2 alias potato
Potato was released for the alpha, arm, i386, m68k, powerpc and sparc
architectures.
Source archives:
MD5 checksum: 798e3abfbe608877c657e7a2657127e6
MD5 checksum: 7c49065aba86e19061ccbc84f5c3f911
MD5 checksum: 9031a2001935b7a4882f8427f0edea15
Alpha architecture:
MD5 checksum: d4f9e4250dae...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!