LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: October 17th, 2014
Linux Security Week: October 13th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: purity buffer overflows Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Debian Two buffer overflows have been discovered in purity, a game for nerds and hackers, which is installed setgid games on a Debian system. This problem could be exploited to gain unauthorized access to the group games. A malicious user could alter the highscore of several games.

- --------------------------------------------------------------------------
Debian Security Advisory DSA 166-1                     security@debian.org 
http://www.debian.org/security/ Martin Schulze
September 13th, 2002                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : purity
Vulnerability  : buffer overflows
Problem-Type   : local
Debian-specific: no

Two buffer overflows have been discovered in purity, a game for nerds
and hackers, which is installed setgid games on a Debian system.  This
problem could be exploited to gain unauthorized access to the group
games.  A malicious user could alter the highscore of several games.

This problem has been fixed in version 1-14.2 for the current stable
distribution (woody), in version 1-9.1 for the old stable distribution
(potato) and in version 1-16 for the unstable distribution (sid).

We recommend that you upgrade your purity packages.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Source archives:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1.dsc
Size/MD5 checksum:      513 a7a4276a6c694131a5b3bd58703c8c05
     http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1.diff.gz
Size/MD5 checksum:     5147 db47d2d1f51b5f8c97bcb93974b7b5cf
     http://security.debian.org/pool/updates/main/p/purity/purity_1.orig.tar.gz
Size/MD5 checksum:    22249 19cbbd136a94aae3d175d8ccc963368d

  Alpha architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_alpha.deb
Size/MD5 checksum:    29176 f69989e76361e30813eb233aa500b9c6

  ARM architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_arm.deb
Size/MD5 checksum:    27762 169dce544dcab575cc126800eeabb6ce

  Intel IA-32 architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_i386.deb
Size/MD5 checksum:    27404 6eb60f91f4cd3730bef018115268c568

  Motorola 680x0 architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_m68k.deb
Size/MD5 checksum:    26934 d1337244388c4b5a183b379e34b37fd1

  PowerPC architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_powerpc.deb
Size/MD5 checksum:    27760 140ce3d691acc98c27dd6851972db0e9

  Sun Sparc architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_sparc.deb
Size/MD5 checksum:    29952 cb2b48e0465b48b89b220feb30818113


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2.dsc
Size/MD5 checksum:      550 8e669427422857640b0531e3566706f9
     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2.diff.gz
Size/MD5 checksum:     6171 6901ba40ea0938bab43a893e4f75da8a
     http://security.debian.org/pool/updates/main/p/purity/purity_1.orig.tar.gz
Size/MD5 checksum:    22249 19cbbd136a94aae3d175d8ccc963368d

  Alpha architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_alpha.deb
Size/MD5 checksum:    28890 ecb67c79c8047cc631cf63d6fcd93996

  ARM architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_arm.deb
Size/MD5 checksum:    27434 6bb8ed0579e96fcff971086d750937ce

  Intel IA-32 architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_i386.deb
Size/MD5 checksum:    26906 7ec62b9371253879b93fe6db0ef75945

  Intel IA-64 architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_ia64.deb
Size/MD5 checksum:    30694 7c26d3db982acf14a2e8133cf204e164

  HP Precision architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_hppa.deb
Size/MD5 checksum:    29234 ceb6569248e96d1fd415de15f8f26370

  Motorola 680x0 architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_m68k.deb
Size/MD5 checksum:    26560 4385599f2f16238c4b2628c9a8fc54cc

  Big endian MIPS architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_mips.deb
Size/MD5 checksum:    27798 e6b360203cd31c13f19d5bc257684f64

  Little endian MIPS architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_mipsel.deb
Size/MD5 checksum:    27756 12bb21c88be3011bfd50045a73361255

  PowerPC architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_powerpc.deb
Size/MD5 checksum:    27306 c782697984b5e8ae83ed16c594d80437

  IBM S/390 architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_s390.deb
Size/MD5 checksum:    27624 c370933a2db896857c5fa3bb86a2a2db

  Sun Sparc architecture:

     http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_sparc.deb
Size/MD5 checksum:    29980 e48dcb304202e2e29634bd51dbd307a3


  These files will probably be moved into the stable distribution on
  its next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb  http://security.debian.org/ stable/updates main
For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and  http://packages.debian.org/;


 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
The Hacktivist as Angry Young Man
The Hacker Wars Hits NYC
CAINE Linux Distribution Helps Investigators With Forensic Analysis
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.