LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: 'mc' local DoS Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Debian cons.saver does not check if it is started with a valid stdout, potentially causing a denial of service.

-----BEGIN PGP SIGNED MESSAGE-----

- ------------------------------------------------------------------------
Debian Security Advisory                             security@debian.org 
http://www.debian.org/security/                         Wichert Akkerman
November 25, 2000
- ------------------------------------------------------------------------


Package        : mc
Problem type   : local DoS
Debian-specific: no

Maurycy Prodeus found a problem in cons.saver, a screensaver for
the console that is included in the mc package. cons.saver does not
check if it is started with a valid stdout, which combined with a
bug in its check to see if its argument is a tty (it forgot to
close the file-descriptor after opening the supposed tty) causes it
to write a NUL character to the file given as its parameter.

This has been fixed in version 4.5.42-11.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.


Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
     http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42-11.potato.5.diff.gz
      MD5 checksum: 98428eb4284349e15b21b2cd36fbf55d
     http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42-11.potato.5.dsc
      MD5 checksum: f6bfd1c1c458247e49ec1f73a8da5a47
     http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42.orig.tar.gz
      MD5 checksum: 0d2e63dd4b0c0a3d4d6c5933187ba222

  Alpha architecture:
     http://security.debian.org/dists/stable/updates/main/binary-alpha/gmc_4.5.42-11.potato.5_alpha.deb
      MD5 checksum: 778a5121ae88e6dd5921ce65159a8f62
     http://security.debian.org/dists/stable/updates/main/binary-alpha/mc-common_4.5.42-11.potato.5_alpha.deb
      MD5 checksum: b33dab94b93fe534fb448ad6ab5c2d3d
     http://security.debian.org/dists/stable/updates/main/binary-alpha/mc_4.5.42-11.potato.5_alpha.deb
      MD5 checksum: 8fc235ecf3f4d39db8b6d264a99bcc88

  ARM architecture:
     http://security.debian.org/dists/stable/updates/main/binary-arm/gmc_4.5.42-11.potato.5_arm.deb
      MD5 checksum: 41de0eced28ed9962cf3cd7744e25842
     http://security.debian.org/dists/stable/updates/main/binary-arm/mc-common_4.5.42-11.potato.5_arm.deb
      MD5 checksum: b99c2bfcb69adcc103760542c18870fc
     http://security.debian.org/dists/stable/updates/main/binary-arm/mc_4.5.42-11.potato.5_arm.deb
      MD5 checksum: 93c09c57cb6cd99908999764ecc955cf

  Intel ia32 architecture:
     http://security.debian.org/dists/stable/updates/main/binary-i386/gmc_4.5.42-11.potato.5_i386.deb
      MD5 checksum: 13e981aac3e5562cd10354af83a756c5
     http://security.debian.org/dists/stable/updates/main/binary-i386/mc-common_4.5.42-11.potato.5_i386.deb
      MD5 checksum: 3bd645c007bef90220f48bf3e8b451e8
     http://security.debian.org/dists/stable/updates/main/binary-i386/mc_4.5.42-11.potato.5_i386.deb
      MD5 checksum: ffb14638ea3bdcd5faa8e49e7611266b

  Motorola 680x0 architecture:
     http://security.debian.org/dists/stable/updates/main/binary-m68k/gmc_4.5.42-11.potato.5_m68k.deb
      MD5 checksum: b63de3e53f49b188e5a516dac57185bf
     http://security.debian.org/dists/stable/updates/main/binary-m68k/mc-common_4.5.42-11.potato.5_m68k.deb
      MD5 checksum: 8ba419260b77557da2cfd4f867cddc73
     http://security.debian.org/dists/stable/updates/main/binary-m68k/mc_4.5.42-11.potato.5_m68k.deb
      MD5 checksum: d49246c914ad48fa0fdfdc08e5150635

  PowerPC architecture:
     http://security.debian.org/dists/stable/updates/main/binary-powerpc/gmc_4.5.42-11.potato.5_powerpc.deb
      MD5 checksum: 165eb728fc75d5ee4ebadad0609a8350
     http://security.debian.org/dists/stable/updates/main/binary-powerpc/mc-common_4.5.42-11.potato.5_powerpc.deb
      MD5 checksum: 0cee7ec7bc646a3987a7571a36446f1e
     http://security.debian.org/dists/stable/updates/main/binary-powerpc/mc_4.5.42-11.potato.5_powerpc.deb
      MD5 checksum: 14628f3fdc3cd10eb81e5458cb5f49a5

  Sun Sparc architecture:
     http://security.debian.org/dists/stable/updates/main/binary-sparc/gmc_4.5.42-11.potato.5_sparc.deb
      MD5 checksum: 44893268efa32df9867088cffa2c2f4d
     http://security.debian.org/dists/stable/updates/main/binary-sparc/mc-common_4.5.42-11.potato.5_sparc.deb
      MD5 checksum: a6e92192b8b5ea7dc91f8607adddcddd
     http://security.debian.org/dists/stable/updates/main/binary-sparc/mc_4.5.42-11.potato.5_sparc.deb
      MD5 checksum: 9e18fc005fffdb0e08c44c32df8b2e50

  These files will be moved into
   ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.

For not yet released architectures please refer to the appropriate
directory  ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

- -- 
- ----------------------------------------------------------------------------
apt-get: deb  http://security.debian.org/ stable/updates main
dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBOh8ZHajZR/ntlUftAQErhAL/RhjW44ivPCrcwDvXqWonER3Kb0JSZGqp
xg4nDLXKZCx6n1EBOuaKkUH3au4xIcW6OkwUNbIN2CIWr22RZyIFN8PlcYIaJbx1
k8qg9jwhT7n7CaghAjEv4Y0q40kWsrRz
=iJdl
-----END PGP SIGNATURE-----



 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.