Debian: 'mc' local DoS
Posted by Team   
Debian cons.saver does not check if it is started with a valid stdout, potentially causing a denial of service.


- ------------------------------------------------------------------------
Debian Security Advisory                                            Wichert Akkerman
November 25, 2000
- ------------------------------------------------------------------------

Package        : mc
Problem type   : local DoS
Debian-specific: no

Maurycy Prodeus found a problem in cons.saver, a screensaver for
the console that is included in the mc package. cons.saver does not
check if it is started with a valid stdout, which combined with a
bug in its check to see if its argument is a tty (it forgot to
close the file-descriptor after opening the supposed tty) causes it
to write a NUL character to the file given as its parameter.

This has been fixed in version 4.5.42-11.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
      MD5 checksum: 98428eb4284349e15b21b2cd36fbf55d
      MD5 checksum: f6bfd1c1c458247e49ec1f73a8da5a47
      MD5 checksum: 0d2e63dd4b0c0a3d4d6c5933187ba222

  Alpha architecture:
      MD5 checksum: 778a5121ae88e6dd5921ce65159a8f62
      MD5 checksum: b33dab94b93fe534fb448ad6ab5c2d3d
      MD5 checksum: 8fc235ecf3f4d39db8b6d264a99bcc88

  ARM architecture:
      MD5 checksum: 41de0eced28ed9962cf3cd7744e25842
      MD5 checksum: b99c2bfcb69adcc103760542c18870fc
      MD5 checksum: 93c09c57cb6cd99908999764ecc955cf

  Intel ia32 architecture:
      MD5 checksum: 13e981aac3e5562cd10354af83a756c5
      MD5 checksum: 3bd645c007bef90220f48bf3e8b451e8
      MD5 checksum: ffb14638ea3bdcd5faa8e49e7611266b

  Motorola 680x0 architecture:
      MD5 checksum: b63de3e53f49b188e5a516dac57185bf
      MD5 checksum: 8ba419260b77557da2cfd4f867cddc73
      MD5 checksum: d49246c914ad48fa0fdfdc08e5150635

  PowerPC architecture:
      MD5 checksum: 165eb728fc75d5ee4ebadad0609a8350
      MD5 checksum: 0cee7ec7bc646a3987a7571a36446f1e
      MD5 checksum: 14628f3fdc3cd10eb81e5458cb5f49a5

  Sun Sparc architecture:
      MD5 checksum: 44893268efa32df9867088cffa2c2f4d
      MD5 checksum: a6e92192b8b5ea7dc91f8607adddcddd
      MD5 checksum: 9e18fc005fffdb0e08c44c32df8b2e50

  These files will be moved into*/binary-$arch/ soon.

For not yet released architectures please refer to the appropriate
directory$arch/ .

- -- 
- ----------------------------------------------------------------------------
apt-get: deb stable/updates main
dpkg-ftp: dists/stable/updates/main
Mailing list:

Version: 2.6.3ia
Charset: noconv