Risks

Advisories

Browse

Debian Security Advisory - in.uucpd string truncation problem

-----BEGIN PGP SIGNED MESSAGE----- 


- ---------------------------------------------------------------------------- 
Debian Security Advisory security@debian.org 
http://www.debian.org/security/ Michael Stone 
May 27, 2002 
- ---------------------------------------------------------------------------- 


Package: uucp 
Vulnerability: remote dos 
Debian-specific: yes 


We have received reports that in.uucpd, an authentication agent in the 
uucp package, does not properly terminate certain long input strings. 
This has been corrected in uucp package version 1.06.1-11potato3 for 
Debian 2.2 (potato) and in version 1.06.1-18 for the upcoming (woody) 
release. 


We recommend you upgrade your uucp package immediately. 


wget url 
        will fetch the file for you 
dpkg -i file.deb 
        will install the referenced file. 


You may use an automated update by adding the resources from the 
footer to the proper configuration. 



Debian GNU/Linux 2.2 alias potato 
- --------------------------------- 


  Potato was released for alpha, arm, i386, m68k, powerpc and sparc. 


  Source archives: 
   
http://security.debian.org/dists/stable/updates/main/source/uucp_1.06.1-11potato3.dif
f.gz 
      MD5 checksum: 72a754638558507ee3f1794a22133db3 
   
http://security.debian.org/dists/stable/updates/main/source/uucp_1.06.1-11potato3.dsc

      MD5 checksum: 549d78afae9c33422dbb325f5e2f60b9 
   
http://security.debian.org/dists/stable/updates/main/source/uucp_1.06.1.orig.tar.gz 
      MD5 checksum: 390af5277915fcadbeee74d2f3038af9 


  Alpha architecture: 
   
http://security.debian.org/dists/stable/updates/main/binary-alpha/uucp_1.06.1-11potat
o3_alpha.deb 
      MD5 checksum: 15fac849328d57860aedf2cba8274170 


  ARM architecture: 
   
http://security.debian.org/dists/stable/updates/main/binary-arm/uucp_1.06.1-11potato3
_arm.deb 
      MD5 checksum: 410fe766a74528e6b7564821e4b3aa7e 


  Intel IA-32 architecture: 
   
http://security.debian.org/dists/stable/updates/main/binary-i386/uucp_1.06.1-11potato
3_i386.deb 
      MD5 checksum: 26f22db0eeed4cabad46861112d94d47 


  Motorola 680x0 architecture: 
   
http://security.debian.org/dists/stable/updates/main/binary-m68k/uucp_1.06.1-11potato
3_m68k.deb 
      MD5 checksum: 80ce564f52e43917c7e76411adfe6206 


  PowerPC architecture: 
   
http://security.debian.org/dists/stable/updates/main/binary-powerpc/uucp_1.06.1-11pot
ato3_powerpc.deb 
      MD5 checksum: 744c3a2c394a02ada9ef6c43b539fab9 


  Sun Sparc architecture: 
   
http://security.debian.org/dists/stable/updates/main/binary-sparc/uucp_1.06.1-11potat
o3_sparc.deb 
      MD5 checksum: d3ac8428c4d2f65573b0946a31234422 


  These packages will be moved into the stable distribution on its next 
  revision. 



For not yet released architectures please refer to the appropriate 
directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . 


- ---------------------------------------------------------------------------- 
For apt-get: deb http://security.debian.org/ stable/updates main 
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main 
Mailing list: debian-security-announce@lists.debian.org 
-----BEGIN PGP SIGNATURE----- 
Version: GnuPG v1.0.7 (GNU/Linux) 


iQCVAwUBPPjB3w0hVr09l8FJAQFNPwP+Pdzx431bambRcYljSaKT/7lk47kod8UI 
xrkl1Wd6hjGYw5Riaigg/XR4MWVPC+i+gktgWlqg/tFP17vyA1UzMtoKpftZAkgJ 
2ouLzOLJN2YmV6jnno2HUX5pmKWDSxYhSIz7ZURCi0s/eT+iMYk7Aajmvbcq9EkE 
JYGQBku4O0I= 
=emqF 
-----END PGP SIGNATURE-----

Spotlight

IT security jobs: What's in demand and how to meet it

Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.

Is Microsoft is reading your Skype communications?

Posted on 15 May 2013. | The question of whether Skype allows U.S. intelligence and law enforcement agencies to access the communications exchanged by its users has still not been adequately answered by Microsoft.

Internet Explorer best at blocking malware

Posted on 14 May 2013. | While Chrome’s malware download protection improved significantly, Internet Explorer 10 continues to outperform the other browsers with a block rate of 99.96%.

Researcher refuses to help Saudi telco to spy on people

Posted on 14 May 2013. | You would think that a Saudi Arabian telecom firm interested in monitoring its users' mobile communications would not be asking a well-known pro-privacy researcher for help, but you would be wrong.

Malicious browser extensions are hijacking Facebook accounts

Posted on 13 May 2013. | Facebook users - especially those in Brazil - are being targeted with malicious browser extensions trying to hijack Facebook profiles, warns Microsoft.

Daily digest

By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.

Weekly newsletter

With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.

DON'T
MISS
Fri, May 17th

17 May 2013.

Data stealing attacks using fake attachments

17 May 2013.

A look into the EC Council hack

16 May 2013.

Thoughts on the need for anonymity

16 May 2013.

Researchers reveal OpUSA attackers' MO

15 May 2013.

How to get a job in information security