Debian: New netkit-telnet-ssl packages fix arbitrary code execution
Summary
- --------------------------------------------------------------------------Debian Security Advisory DSA 699-1 security@debian.org http://www.debian.org/security/ Martin Schulze March 29th, 2005 http://www.debian.org/security/faq - --------------------------------------------------------------------------Package : netkit-telnet-ssl Vulnerability : buffer overflow Problem-Type : remote Debian-specific: no CVE ID : CAN-2005-0469 iDEFENSE researchers discovered a buffer overflow in the handling of the LINEMODE suboptions in telnet clients. This can lead to the execution of arbitrary code when connected to a malicious server. For the stable distribution (woody) this problem has been fixed in version 0.17.17+0.1-2woody4. For the unstable distribution (sid) this problem will be fixed soon. We recommend that you upgrade your telnet-ssl package. Upgrade Instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: Size/MD5 checksum: 669 edcae9a56571c23861cc772d116f6d9b Size/MD5 checksum: 9099 0c6a68a7522269cb7c7f18e08e9f3228 Size/MD5 checksum: 167658 faf2d112bc4d44f522bad3bc73da8d6d Alpha architecture: Size/MD5 checksum: 101196 46f45337d4a60eb738b077770e3aa2a4 Size/MD5 checksum: 57024 b2a33f4b5143da8a36ee78b75850c6c2 ARM architecture: Size/MD5 checksum: 85194 1db7e7432d8025531b869ae5c737014b Size/MD5 checksum: 48596 ad29db7a35ad3ee4e3d2c5c411b0edb9 Intel IA-32 architecture: Size/MD5 checksum: 85608 6b9e94d7acf3274a62a78e98b069060b Size/MD5 checksum: 46730 09bf8699c1af6a5f4f9e913d7ef92759 Intel IA-64 architecture: Size/MD5 checksum: 123272 d81d94ec52c655bb8496bf126c9077aa Size/MD5 checksum: 66728 e1879d40f611846bb7f787245feb8fee HP Precision architecture: Size/MD5 checksum: 86624 677730710e0adac9cb6cbe1d1cca742b Size/MD5 checksum: 54054 df3349ebb866ada9bc08a3dabf681bcc Motorola 680x0 architecture: Size/MD5 checksum: 81534 9007bc1b9ce71d54eda4da588269e39b Size/MD5 checksum: 45494 8bd015cf665ed260e8943aaf9a88d5a9 Big endian MIPS architecture: Size/MD5 checksum: 97454 ad228bd9d0353478740fde78095b8332 Size/MD5 checksum: 52346 b22cdea93cc2d406144f7797918ba348 Little endian MIPS architecture: Size/MD5 checksum: 97292 fe280b5296350918ef3f99bd86c1e3e8 Size/MD5 checksum: 52334 816d5bce2968f676d3261a1d3e9e5e21 PowerPC architecture: Size/MD5 checksum: 88238 c0b09580e81ff24c5e04d7ae0e859645 Size/MD5 checksum: 48882 f1ab39899f6b2892cae81b8b4dfb2d16 IBM S/390 architecture: Size/MD5 checksum: 88746 b4a754f74fe3bc462488c62a137fa422 Size/MD5 checksum: 50562 fe91806b369af4ff31030c1079b7b9bd Sun Sparc architecture: Size/MD5 checksum: 89356 dd5d9462b3b86d40f0f67a9ec86adc57 Size/MD5 checksum: 54646 5d694a26621ef73ce5d2c0e6ed9bc887 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org