Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Debian: 'gpm' local root vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Team   
Debian Among other problems, the gpm-root program contains a format stringvulnerability, which allows an attacker to gain root privileges.

Debian Security Advisory DSA-095-1                             Robert van der Meulen
December 27, 2001

Package        : gpm
Problem type   : local root vulnerability
Debian-specific: no

The package 'gpm' contains the 'gpm-root' program, which can be used to
create mouse-activated menus on the console.
Among other problems, the gpm-root program contains a format string
vulnerability, which allows an attacker to gain root privileges.

This has been fixed in version 1.17.8-18.1, and we recommend that you upgrade
your 1.17.8-18 package immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
      MD5 checksum: 8c48aa1656391d3755c289a87db13bf0
      MD5 checksum: bafbe8ffe73d3b5783e9841f1894af77
      MD5 checksum: 9d50c299bf925996546efaf32de1db7b

  Alpha architecture:
      MD5 checksum: 0e50705cadfd58777d02fa6806c10bdf
      MD5 checksum: cbeeeac3795318255126814d71b7b945
      MD5 checksum: f5dd9e395259b037d20e013e112a55e8

  ARM architecture:
      MD5 checksum: 6b41896ddfed4a119d17e5d8e8391384
      MD5 checksum: f02444fc5a9a6a7c7da0e1cb19df24a6
      MD5 checksum: 0ae3eb96377394d65e0e8031d0019147

  Intel IA-32 architecture:
      MD5 checksum: 18c837abec8360db146681d2a713177a
      MD5 checksum: f60aa2b9720ee597f18fa3fa86a8af6e
      MD5 checksum: 815a1e90fe36e603f0803f92b6898f19
      MD5 checksum: 514a1baee569e548349f7c4dc2941f3d
      MD5 checksum: 52014c36f8155a0c89e9ade02d91cdbe

  Motorola 680x0 architecture:
      MD5 checksum: ce61772d26c799bce33d729ed7fc67b7
      MD5 checksum: 923894ee7bdc1a8e648881eaf5f372da
      MD5 checksum: 019de1ecb144e3d10b5978ea640a24c4
      MD5 checksum: 88d75f4b1f85e6aee903f886b311e127
      MD5 checksum: 1ea940b2e3c5d7fade43d75ed3253569

  PowerPC architecture:
      MD5 checksum: aa2415e6f489af235e173d6d5a69b05f
      MD5 checksum: cd823ce39eb4125ed4a8dd0c17362107
      MD5 checksum: 0188cb6c4ffd82a146812e53c1387918

  Sun Sparc architecture:
      MD5 checksum: b703c2e30b52446508f18951551839a3
      MD5 checksum: b8a75b6ab45f649b9e458cf778545a9e
      MD5 checksum: fa4ae1bda04f3b13622d6e6bc9ffcb35
  These packages will be moved into the stable distribution on its next

For not yet released architectures please refer to the appropriate
directory$arch/ .
apt-get: deb stable/updates main
dpkg-ftp: dists/stable/updates/main
Mailing list:

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Feds Charged With Stealing Money During Silk Road Investigation
EFF questions US government's software flaw disclosure policy
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.