LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: netpbm-free denial of service vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Debian These vulnerabilities may allow remote attackers to cause a denial of service or execute arbitrary code.

- --------------------------------------------------------------------------
Debian Security Advisory DSA 263-1                     security@debian.org 
http://www.debian.org/security/                             Martin Schulze
March 17th, 2003                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : netpbm-free
Vulnerability  : math overflow errors
Problem-Type   : remote
Debian-specific: no
CVE Id         : CAN-2003-0146
CERT advisory  : VU#378049 VU#630433

Al Viro and Alan Cox discovered several maths overflow errors in
NetPBM, a set of graphics conversion tools.  These programs are not
installed setuid root but are often installed to prepare data for
processing.  These vulnerabilities may allow remote attackers to cause
a denial of service or execute arbitrary code.

For the stable distribution (woody) this problem has been
fixed in version 9.20-8.2.

The old stable distribution (potato) does not seem to be affected
by this problem.

For the unstable distribution (sid) this problem has been
fixed in version 9.20-9.

We recommend that you upgrade your netpbm package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_9.20-8.2.dsc
      Size/MD5 checksum:      662 1c8d2ac6308e12bd407551f0a239709e
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_9.20-8.2.diff.gz
      Size/MD5 checksum:    48519 15bdcd7cdbbd33e4eafedc4224ec158a
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_9.20.orig.tar.gz
      Size/MD5 checksum:  1882851 0f153116c21bc7d2e167e574a486c22f

  Alpha architecture:

     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_9.20-8.2_alpha.deb
      Size/MD5 checksum:    77636 fbd95c88eec1506033829ef65a56b033
     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_9.20-8.2_alpha.deb
      Size/MD5 checksum:   135348 d6fc73f5432869a4c8c20d6a6d202a3e
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_9.20-8.2_alpha.deb
      Size/MD5 checksum:  1412714 9c508ca408fbc5f6a03f5a2e320cad60

  ARM architecture:

     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_9.20-8.2_arm.deb
      Size/MD5 checksum:    64038 5d2ff5816d2bc9f5b9b8f6555c0dc365
     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_9.20-8.2_arm.deb
      Size/MD5 checksum:   125450 3422bd71d85d14d950f4b490ea7fcb14
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_9.20-8.2_arm.deb
      Size/MD5 checksum:  1127198 ff627c8920c5bd9c3420a7182e07a764

  Intel IA-32 architecture:

     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_9.20-8.2_i386.deb
      Size/MD5 checksum:    62358 89e5f42f2d3a11b4b7c9dc27b996324d
     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_9.20-8.2_i386.deb
      Size/MD5 checksum:   103340 0f0c7e2bbbeb897bc1993ce2ca2dee06
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_9.20-8.2_i386.deb
      Size/MD5 checksum:  1078350 415a6018874f103405739bb92d718100

  Intel IA-64 architecture:

     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_9.20-8.2_ia64.deb
      Size/MD5 checksum:    96448 65abd6e7e2945f52cc31727d5c2d48b1
     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_9.20-8.2_ia64.deb
      Size/MD5 checksum:   170308 05e9e8e8b00f1fcba4511cb55b8be368
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_9.20-8.2_ia64.deb
      Size/MD5 checksum:  1608002 84bca62575bc798425e65ce0733fde65

  HP Precision architecture:

     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_9.20-8.2_hppa.deb
      Size/MD5 checksum:    83808 6c997768d27d95ff71247ab15a63dad1
     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_9.20-8.2_hppa.deb
      Size/MD5 checksum:   122828 dab9d6a493a3bb46393c7302a44accf7
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_9.20-8.2_hppa.deb
      Size/MD5 checksum:  1337162 054e5945f8146d45a1b178ca95658b12

  Motorola 680x0 architecture:

     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_9.20-8.2_m68k.deb
      Size/MD5 checksum:    61934 bb0176c0eed79eafa32cbc8f5a99dfdf
     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_9.20-8.2_m68k.deb
      Size/MD5 checksum:   102168 96dbb5b18d035271df0f0869c133bd67
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_9.20-8.2_m68k.deb
      Size/MD5 checksum:  1015872 2623494e16dd50bd501a3a997728d171

  Big endian MIPS architecture:

     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_9.20-8.2_mips.deb
      Size/MD5 checksum:    66786 d5c5c8489604d78caaa22848a550c45d
     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_9.20-8.2_mips.deb
      Size/MD5 checksum:   123388 0857fec48f758c7bc03970c1fe10e380
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_9.20-8.2_mips.deb
      Size/MD5 checksum:  1180196 a4d7a426394a49a5bb45016e07968f6f

  Little endian MIPS architecture:

     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_9.20-8.2_mipsel.deb
      Size/MD5 checksum:    66634 662ea4730741b05828f05dfddcf3f898
     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_9.20-8.2_mipsel.deb
      Size/MD5 checksum:   123470 258d8c25b158c9aed55ca834978ee187
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_9.20-8.2_mipsel.deb
      Size/MD5 checksum:  1179396 9683bc1daf0995513ed0e4da45b9f049

  PowerPC architecture:

     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_9.20-8.2_powerpc.deb
      Size/MD5 checksum:    68820 82bca6ab6d5de943fc679720e3f0ab41
     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_9.20-8.2_powerpc.deb
      Size/MD5 checksum:   117740 58cf095d8d6f3412f1f77dcbe6937c55
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_9.20-8.2_powerpc.deb
      Size/MD5 checksum:  1153158 b7f77f69d770e60a72f6ac871b6aac5c

  IBM S/390 architecture:

     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_9.20-8.2_s390.deb
      Size/MD5 checksum:    66578 0e30246acdafd967fe8ec9bc7498471a
     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_9.20-8.2_s390.deb
      Size/MD5 checksum:   115954 a78fc5ce68c4d4f2048e0a710d549387
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_9.20-8.2_s390.deb
      Size/MD5 checksum:  1129792 70e64ceb300ce172d4d0bb70d1882857

  Sun Sparc architecture:

     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_9.20-8.2_sparc.deb
      Size/MD5 checksum:    65178 51ecb73928e1174549858df7bfbab9d0
     http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_9.20-8.2_sparc.deb
      Size/MD5 checksum:   118504 a1d655dea3f122cc5306e23e4cfb6d5b
     http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_9.20-8.2_sparc.deb
      Size/MD5 checksum:  1435110 6d59d67b733a674d107750e850216f6a


  These files will probably be moved into the stable distribution on
  its next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb  http://security.debian.org/ stable/updates main
For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and  http://packages.debian.org/


 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Google Removes SSLv3 Fallback Support From Chrome
Hacker Lexicon: What Is End-to-End Encryption?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.