DSA 556-2: New netkit-telnet packages really fix denial of service
Posted on: 10/18/2004 08:58 AM

Another netkit-telnet package for Debian GNU/Linux has been released

---------------------------------------------------------------------------
Debian Security Advisory DSA 556-2 security@debian.org
http://www.debian.org/security/ Martin Schulze
XXXXX 8th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : netkit-telnet
Vulnerability : invalid free(3)
Problem-Type : remote
Debian-specific: yes
CVE ID : CAN-2004-0911
Debian Bug : 273694

This is an update for DSA 556-1 which was intended to fix a denial of service situation in netkit-telnet but didn't. The update for unstable did fix the problem. For completeness below is the original advisory text:

Michal Zalewski discovered a bug in the netkit-telnet server (telnetd) whereby a remote attacker could cause the telnetd process to free an invalid pointer. This causes the telnet server process to crash, leading to a straightforward denial of service (inetd will disable the service if telnetd is crashed repeatedly), or possibly the execution of arbitrary code with the privileges of the telnetd process (by default, the 'telnetd' user).

For the unstable distribution (sid) this problem has been fixed in version 0.17-26.

For the stable distribution (woody) this problem has been fixed in version 0.17-18woody2.

We recommend that you upgrade your netkit-telnet-ssl package.

Upgrade Instructions
---------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
---------------------------------

Source archives:

http://security.debian.org/pool/updates/main/n/netkit-telnet/netkit-telnet_0.17-18woody2.dsc
Size/MD5 checksum: 602 5c4291548c60df2607baabc8af77fe88
http://security.debian.org/pool/updates/main/n/netkit-telnet/netkit-telnet_0.17-18woody2.diff.gz
Size/MD5 checksum: 21969 e29d25caa0138fe87b26f2fee609698d
http://security.debian.org/pool/updates/main/n/netkit-telnet/netkit-telnet_0.17.orig.tar.gz
Size/MD5 checksum: 133749 d6beabaaf53fe6e382c42ce3faa05a36

Alpha architecture:

http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_alpha.deb
Size/MD5 checksum: 84150 5cd0073e1d87493de0e9347e08b33e4c
http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_alpha.deb
Size/MD5 checksum: 45804 4f5924c6b71a716bbae5ff32aebdaee1

ARM architecture:

http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_arm.deb
Size/MD5 checksum: 69924 8bb25a534f053a693aa971df0e15d71f
http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_arm.deb
Size/MD5 checksum: 39618 2cfc8d96f00bb739333adf0659caceb6

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_i386.deb
Size/MD5 checksum: 70944 f8361dcb79029ba42c929a4eec1c9f2c
http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_i386.deb
Size/MD5 checksum: 38594 8619caa3b44632443cde32a032100d3f

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_ia64.deb
Size/MD5 checksum: 102740 d9839694911c708b6e76de4f41434b24
http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_ia64.deb
Size/MD5 checksum: 52486 8d7c4b6f977d5f01e93ef2437829202d

HP Precision architecture:

http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_hppa.deb
Size/MD5 checksum: 69972 f5eb1bcafb1306cad596edc9e177eb7d
http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_hppa.deb
Size/MD5 checksum: 43514 00b12715674693c3413dc74393d13cd7

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_m68k.deb
Size/MD5 checksum: 67156 3a4ba0fc24b5fbdc6cd07dfe369ff051
http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_m68k.deb
Size/MD5 checksum: 37452 951df56394fe48d8b2545c9595280307

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_mips.deb
Size/MD5 checksum: 80850 b2b47cef8c63aeae88939319ccffeb4a
http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_mips.deb
Size/MD5 checksum: 42610 3da3497520b9b63aa76860249ffa19a8

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_mipsel.deb
Size/MD5 checksum: 80746 23cc994b10106a96da77b8b4c09db293
http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_mipsel.deb
Size/MD5 checksum: 42602 eaa443670708c98ca589e8c79b7e130d

PowerPC architecture:

http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_powerpc.deb
Size/MD5 checksum: 73210 279bd225fed44479f70d231244378a34
http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_powerpc.deb
Size/MD5 checksum: 40256 ded106aca9111c910eed3e0c8471f90d

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_s390.deb
Size/MD5 checksum: 73160 4b6a667921fad470fc9cf2ea5a337987
http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_s390.deb
Size/MD5 checksum: 41218 25a8ed701f933546d375626adc5af142

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_sparc.deb
Size/MD5 checksum: 74160 ec213a37a00451e2c6d7e0ef8867acae
http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_sparc.deb
Size/MD5 checksum: 45324 8af7b133cbf41eafc21886bed81b1c84


These files will probably be moved into the stable distribution on its next update.


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/dsa_556_2_new_netkit_telnet_packages_really_fix_denial_of_service.html)