LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 21st, 2014
Linux Security Week: April 7th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: 'gpm' local root vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Debian Among other problems, the gpm-root program contains a format stringvulnerability, which allows an attacker to gain root privileges.

------------------------------------------------------------------------
Debian Security Advisory DSA-095-1                   security@debian.org 
http://www.debian.org/security/                    Robert van der Meulen
December 27, 2001
------------------------------------------------------------------------


Package        : gpm
Problem type   : local root vulnerability
Debian-specific: no

The package 'gpm' contains the 'gpm-root' program, which can be used to
create mouse-activated menus on the console.
Among other problems, the gpm-root program contains a format string
vulnerability, which allows an attacker to gain root privileges.

This has been fixed in version 1.17.8-18.1, and we recommend that you upgrade
your 1.17.8-18 package immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.


Debian GNU/Linux 2.2 alias potato
---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
     http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8-18.1.diff.gz
      MD5 checksum: 8c48aa1656391d3755c289a87db13bf0
     http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8-18.1.dsc
      MD5 checksum: bafbe8ffe73d3b5783e9841f1894af77
     http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8.orig.tar.gz
      MD5 checksum: 9d50c299bf925996546efaf32de1db7b

  Alpha architecture:
     http://security.debian.org/dists/stable/updates/main/binary-alpha/gpm_1.17.8-18.1_alpha.deb
      MD5 checksum: 0e50705cadfd58777d02fa6806c10bdf
     
http://security.debian.org/dists/stable/updates/main/binary-alpha/libgpmg1-dev_1.17.8-18.1_alpha.deb
      MD5 checksum: cbeeeac3795318255126814d71b7b945
     
http://security.debian.org/dists/stable/updates/main/binary-alpha/libgpmg1_1.17.8-18.1_alpha.deb
      MD5 checksum: f5dd9e395259b037d20e013e112a55e8

  ARM architecture:
     http://security.debian.org/dists/stable/updates/main/binary-arm/gpm_1.17.8-18.1_arm.deb
      MD5 checksum: 6b41896ddfed4a119d17e5d8e8391384
     
http://security.debian.org/dists/stable/updates/main/binary-arm/libgpmg1-dev_1.17.8-18.1_arm.deb
      MD5 checksum: f02444fc5a9a6a7c7da0e1cb19df24a6
     http://security.debian.org/dists/stable/updates/main/binary-arm/libgpmg1_1.17.8-18.1_arm.deb
      MD5 checksum: 0ae3eb96377394d65e0e8031d0019147

  Intel IA-32 architecture:
     http://security.debian.org/dists/stable/updates/main/binary-i386/gpm_1.17.8-18.1_i386.deb
      MD5 checksum: 18c837abec8360db146681d2a713177a
     
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpm1-altdev_1.17.8-18.1_i386.deb
      MD5 checksum: f60aa2b9720ee597f18fa3fa86a8af6e
     http://security.debian.org/dists/stable/updates/main/binary-i386/libgpm1_1.17.8-18.1_i386.deb
      MD5 checksum: 815a1e90fe36e603f0803f92b6898f19
     
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpmg1-dev_1.17.8-18.1_i386.deb
      MD5 checksum: 514a1baee569e548349f7c4dc2941f3d
     
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpmg1_1.17.8-18.1_i386.deb
      MD5 checksum: 52014c36f8155a0c89e9ade02d91cdbe

  Motorola 680x0 architecture:
     http://security.debian.org/dists/stable/updates/main/binary-m68k/gpm_1.17.8-18.1_m68k.deb
      MD5 checksum: ce61772d26c799bce33d729ed7fc67b7
     
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpm1-altdev_1.17.8-18.1_m68k.deb
      MD5 checksum: 923894ee7bdc1a8e648881eaf5f372da
     http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpm1_1.17.8-18.1_m68k.deb
      MD5 checksum: 019de1ecb144e3d10b5978ea640a24c4
     
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpmg1-dev_1.17.8-18.1_m68k.deb
      MD5 checksum: 88d75f4b1f85e6aee903f886b311e127
     
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpmg1_1.17.8-18.1_m68k.deb
      MD5 checksum: 1ea940b2e3c5d7fade43d75ed3253569

  PowerPC architecture:
     
http://security.debian.org/dists/stable/updates/main/binary-powerpc/gpm_1.17.8-18.1_powerpc.deb
      MD5 checksum: aa2415e6f489af235e173d6d5a69b05f
     
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libgpmg1-dev_1.17.8-18.1_powerpc.deb
      MD5 checksum: cd823ce39eb4125ed4a8dd0c17362107
     
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libgpmg1_1.17.8-18.1_powerpc.deb
      MD5 checksum: 0188cb6c4ffd82a146812e53c1387918

  Sun Sparc architecture:
     http://security.debian.org/dists/stable/updates/main/binary-sparc/gpm_1.17.8-18.1_sparc.deb
      MD5 checksum: b703c2e30b52446508f18951551839a3
     
http://security.debian.org/dists/stable/updates/main/binary-sparc/libgpmg1-dev_1.17.8-18.1_sparc.deb
      MD5 checksum: b8a75b6ab45f649b9e458cf778545a9e
     
http://security.debian.org/dists/stable/updates/main/binary-sparc/libgpmg1_1.17.8-18.1_sparc.deb
      MD5 checksum: fa4ae1bda04f3b13622d6e6bc9ffcb35
  These packages will be moved into the stable distribution on its next
  revision.

For not yet released architectures please refer to the appropriate
directory  ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
--
----------------------------------------------------------------------------
apt-get: deb  http://security.debian.org/ stable/updates main
dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org



 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.