Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 23rd, 2015
Linux Advisory Watch: March 20th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Debian: New dhis-tools-dns packages fix insecure temporary file creation Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 928-1                                        Martin Schulze
December 27th, 2005           
- --------------------------------------------------------------------------

Package        : dhis-tools-dns
Vulnerability  : insecure temporary file
Problem type   : local
Debian-specific: no
CVE ID         : CVE-2005-3341

Javier Fern�ndez-Sanguino Pe�a from the Debian Security Audit project
discovered that two scripts in the dhis-tools-dns package, DNS
configuration utilities for a dynamic host information System, which
are usually executed by root, create temporary files in an insecure

The old stable distribution (woody) does not contain a dhis-tools-dns

For the stable distribution (sarge) these problems have been fixed in
version 5.0-3sarge1.

For the unstable distribution (sid) these problems have been fixed in
version 5.0-5.

We recommend that you upgrade your dhis-tools-dns package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:
      Size/MD5 checksum:      623 b5bb7245baec1eaea19bca6fed93a20d
      Size/MD5 checksum:     4711 d2095bb5dbd01ad45eac91f17aa71dfa
      Size/MD5 checksum:     3535 9674e661082ad955010efd6d06686b82

  Alpha architecture:
      Size/MD5 checksum:     7978 207fa0d62d5cf58685f7f0db185e08d4
      Size/MD5 checksum:     8678 61934b801e98457666f28fd80e43dd53

  AMD64 architecture:
      Size/MD5 checksum:     7592 c98df83e0c69f857ab6d098c4c09ec41
      Size/MD5 checksum:     8090 b6c4401b2cad0e2cb8fef248a783cc48

  ARM architecture:
      Size/MD5 checksum:     7432 03343675acb57b139d29ce92e0dd7750
      Size/MD5 checksum:     7854 d58346c9292b0b5991f83ef3d9dd7a1d

  Intel IA-32 architecture:
      Size/MD5 checksum:     7330 29c880357067715b4ea639804f58ee6a
      Size/MD5 checksum:     7632 523f6a69be038c1d8ccb75f5e0cc2da9

  Intel IA-64 architecture:
      Size/MD5 checksum:     8692 091e101db6ebe1088b9f204611d6d20d
      Size/MD5 checksum:     9396 3e1d7ed7784f23c2d1437a6c0e935287

  HP Precision architecture:
      Size/MD5 checksum:     8106 40ffc96aa7b1bdbdf075a45ff4a020ca
      Size/MD5 checksum:     8666 528294b6c32e7d694d7f5336294fccae

  Motorola 680x0 architecture:
      Size/MD5 checksum:     7352 6c552aa90253a73c05203cc23fc08a49
      Size/MD5 checksum:     7774 6f56252d7552d86f1c26e61efe497b79

  Big endian MIPS architecture:
      Size/MD5 checksum:     8292 5874ebc2df9870cf2fa8025d32954051
      Size/MD5 checksum:     9970 8f0fe90a8941022445814684fb334f65

  Little endian MIPS architecture:
      Size/MD5 checksum:     8320 21e2f84d584507d08c134775832b4adf
      Size/MD5 checksum:     9938 16489ad8581b62e81b48da09b8b29fad

  PowerPC architecture:
      Size/MD5 checksum:     7778 a8b6300d9aa94a46b3a0b58ed0ca8333
      Size/MD5 checksum:     9404 064c6072f9f0aac62f474cff127dad15

  IBM S/390 architecture:
      Size/MD5 checksum:     7736 6f4731b8f9e8b433537ce710b048db0f
      Size/MD5 checksum:     8182 cc1d5ed072b00670b6a5b970c2ac8629

  Sun Sparc architecture:
      Size/MD5 checksum:     7494 48715a9189a4cb3cf514a8bca423d113
      Size/MD5 checksum:     7802 8c3e13cc4b95da0e4abd1926f11cfc94

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
OpenSSL Mystery Patch is No Heartbleed
Study: One-third of top websites vulnerable or hacked
Threat-sharing cybersecurity bill unveiled
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.