Debian Planet has posted the new release plan for Debian GNU/Linux 3.1 (Sarge)
An updated mod-ssl package has released for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 532-2 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 27th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : libapache-mod-ssl
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0488 CAN-2004-0700
Two vulnerabilities were discovered in libapache-mod-ssl:
CAN-2004-0488 - Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
CAN-2004-0700 - Format string vulnerability in the ssl_log function in ssl_engine_log.c in mod_ssl 2.8.19 for Apache 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS.
This is a revision to DSA 531-1, due to a problem with a documentation symlink in the previous version of the i386 binary package.
For the current stable distribution (woody), these problems have been fixed in version 2.8.9-2.4.
For the unstable distribution (sid), CAN-2004-0488 was fixed in version 2.8.18, and CAN-2004-0700 will be fixed soon.
We recommend that you update your libapache-mod-ssl package.
---------------------------------------------------------------------------
Debian Security Advisory DSA 532-2 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 27th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : libapache-mod-ssl
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0488 CAN-2004-0700
Two vulnerabilities were discovered in libapache-mod-ssl:
CAN-2004-0488 - Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
CAN-2004-0700 - Format string vulnerability in the ssl_log function in ssl_engine_log.c in mod_ssl 2.8.19 for Apache 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS.
This is a revision to DSA 531-1, due to a problem with a documentation symlink in the previous version of the i386 binary package.
For the current stable distribution (woody), these problems have been fixed in version 2.8.9-2.4.
For the unstable distribution (sid), CAN-2004-0488 was fixed in version 2.8.18, and CAN-2004-0700 will be fixed soon.
We recommend that you update your libapache-mod-ssl package.
New courier packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 533-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 22nd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : courier
Vulnerability : cross-site scripting
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0591
A cross-site scripting vulnerability was discovered in sqwebmail, a web mail application provided by the courier mail suite, whereby an attacker could cause web script to be executed within the security context of the sqwebmail application by injecting it via an email message.
For the current stable distribution (woody), this problem has been fixed in version 0.37.3-2.5.
For the unstable distribution (sid), this problem has been fixed in version 0.45.4-4.
We recommend that you update your courier package.
---------------------------------------------------------------------------
Debian Security Advisory DSA 533-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 22nd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : courier
Vulnerability : cross-site scripting
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0591
A cross-site scripting vulnerability was discovered in sqwebmail, a web mail application provided by the courier mail suite, whereby an attacker could cause web script to be executed within the security context of the sqwebmail application by injecting it via an email message.
For the current stable distribution (woody), this problem has been fixed in version 0.37.3-2.5.
For the unstable distribution (sid), this problem has been fixed in version 0.45.4-4.
We recommend that you update your courier package.
New mailreader packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 534-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 22nd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : mailreader
Vulnerability : directory traversal
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2002-1581
A directory traversal vulnerability was discovered in mailreader whereby remote attackers could view arbitrary files with the privileges of the nph-mr.cgi process (by default, www-data) via relative paths and a null byte in the configLanguage parameter.
For the current stable distribution (woody), this problem has been fixed in version 2.3.29-5woody1.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you update your mailreader package.
---------------------------------------------------------------------------
Debian Security Advisory DSA 534-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 22nd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : mailreader
Vulnerability : directory traversal
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2002-1581
A directory traversal vulnerability was discovered in mailreader whereby remote attackers could view arbitrary files with the privileges of the nph-mr.cgi process (by default, www-data) via relative paths and a null byte in the configLanguage parameter.
For the current stable distribution (woody), this problem has been fixed in version 2.3.29-5woody1.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you update your mailreader package.
A mod-ssl package has been released for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 532-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 22nd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : libapache-mod-ssl
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0488 CAN-2004-0700
Two vulnerabilities were discovered in libapache-mod-ssl:
CAN-2004-0488 - Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
CAN-2004-0700 - Format string vulnerability in the ssl_log function in ssl_engine_log.c in mod_ssl 2.8.19 for Apache 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS.
For the current stable distribution (woody), these problems have been fixed in version 2.8.9-2.3.
For the unstable distribution (sid), CAN-2004-0488 was fixed in version 2.8.18, and CAN-2004-0700 will be fixed soon.
---------------------------------------------------------------------------
Debian Security Advisory DSA 532-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 22nd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : libapache-mod-ssl
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0488 CAN-2004-0700
Two vulnerabilities were discovered in libapache-mod-ssl:
CAN-2004-0488 - Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
CAN-2004-0700 - Format string vulnerability in the ssl_log function in ssl_engine_log.c in mod_ssl 2.8.19 for Apache 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS.
For the current stable distribution (woody), these problems have been fixed in version 2.8.9-2.3.
For the unstable distribution (sid), CAN-2004-0488 was fixed in version 2.8.18, and CAN-2004-0700 will be fixed soon.
Updated PHP 4.1.2 packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 531-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 20th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : php4
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0594 CAN-2004-0595
Two vulnerabilities were discovered in php4:
- CAN-2004-0594 - The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
- CAN-2004-0595 - The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
For the current stable distribution (woody), these problems have been fixed in version 4.1.2-7.
For the unstable distribution (sid), these problems have been fixed in version 4:4.3.8-1.
We recommend that you update your php4 package.
---------------------------------------------------------------------------
Debian Security Advisory DSA 531-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 20th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : php4
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0594 CAN-2004-0595
Two vulnerabilities were discovered in php4:
- CAN-2004-0594 - The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
- CAN-2004-0595 - The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
For the current stable distribution (woody), these problems have been fixed in version 4.1.2-7.
For the unstable distribution (sid), these problems have been fixed in version 4:4.3.8-1.
We recommend that you update your php4 package.
New l2tpd packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 530-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 17th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : l2tpd
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0649
Thomas Walpuski reported a buffer overflow in l2tpd, an implementation of the layer 2 tunneling protocol, whereby a remote attacker could potentially cause arbitrary code to be executed by transmitting a specially crafted packet. The exploitability of this vulnerability has not been verified.
For the current stable distribution (woody), this problem has been fixed in version 0.67-1.2.
For the unstable distribution (sid), this problem has been fixed in version 0.70-pre20031121-2.
---------------------------------------------------------------------------
Debian Security Advisory DSA 530-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 17th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : l2tpd
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0649
Thomas Walpuski reported a buffer overflow in l2tpd, an implementation of the layer 2 tunneling protocol, whereby a remote attacker could potentially cause arbitrary code to be executed by transmitting a specially crafted packet. The exploitability of this vulnerability has not been verified.
For the current stable distribution (woody), this problem has been fixed in version 0.67-1.2.
For the unstable distribution (sid), this problem has been fixed in version 0.70-pre20031121-2.
Updated netkit-telnet-ssl packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 529-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 17th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : netkit-telnet-ssl
Vulnerability : format string
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0640
b0f discovered a format string vulnerability in netkit-telnet-ssl which could potentially allow a remote attacker to cause the execution of arbitrary code with the privileges of the telnet daemon (the 'telnetd' user by default).
For the current stable distribution (woody), this problem has been fixed in version 0.17.17+0.1-2woody1.
For the unstable distribution (sid), this problem has been fixed in version 0.17.24+0.1-2.
---------------------------------------------------------------------------
Debian Security Advisory DSA 529-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 17th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : netkit-telnet-ssl
Vulnerability : format string
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0640
b0f discovered a format string vulnerability in netkit-telnet-ssl which could potentially allow a remote attacker to cause the execution of arbitrary code with the privileges of the telnet daemon (the 'telnetd' user by default).
For the current stable distribution (woody), this problem has been fixed in version 0.17.17+0.1-2woody1.
For the unstable distribution (sid), this problem has been fixed in version 0.17.24+0.1-2.
New ethereal packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 528-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 17th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : ethereal
Vulnerability : denial of service
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0635
Several denial of service vulnerabilities were discovered in ethereal, a network traffic analyzer. These vulnerabilites are described in the ethereal advisory "enpa-sa-00015". Of these, only one (CAN-2004-0635) affects the version of ethereal in Debian woody. This vulnerability could be exploited by a remote attacker to crash ethereal with an invalid SNMP packet.
For the current stable distribution (woody), these problems have been fixed in version 0.9.4-1woody8.
For the unstable distribution (sid), these problems have been fixed in version 0.10.5-1.
---------------------------------------------------------------------------
Debian Security Advisory DSA 528-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 17th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : ethereal
Vulnerability : denial of service
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0635
Several denial of service vulnerabilities were discovered in ethereal, a network traffic analyzer. These vulnerabilites are described in the ethereal advisory "enpa-sa-00015". Of these, only one (CAN-2004-0635) affects the version of ethereal in Debian woody. This vulnerability could be exploited by a remote attacker to crash ethereal with an invalid SNMP packet.
For the current stable distribution (woody), these problems have been fixed in version 0.9.4-1woody8.
For the unstable distribution (sid), these problems have been fixed in version 0.10.5-1.
DotDeb.org has released PHP 4.3.8 packages for Debian GNU/Linux 3.0
DotDeb has released PHP5 packages for Debian GNU/Linux 3.0
Progeny has released the first beta of Progeny Debian 2.0, Developer Edition
A Debian port of GNOME 2.7.1 including Evolution 1.5 and Firefox 0.9.1 is now available in the experimental distribution. Debian experimental is an extension to unstable.
Debian Planet has posted a new story on the AMD64 port of Debian GNU/Linux
New pavuk packages has been released for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 527-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 3rd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : pavuk
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0456
Ulf Härnhammar discovered a vulnerability in pavuk, a file retrieval program, whereby an oversized HTTP 305 response sent by a malicious server could cause arbitrary code to be executed with the privileges of the pavuk process.
For the current stable distribution (woody), this problem has been fixed in version 0.9pl28-1woody1.
pavuk is no longer included in the unstable distribution of Debian.
---------------------------------------------------------------------------
Debian Security Advisory DSA 527-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 3rd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : pavuk
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0456
Ulf Härnhammar discovered a vulnerability in pavuk, a file retrieval program, whereby an oversized HTTP 305 response sent by a malicious server could cause arbitrary code to be executed with the privileges of the pavuk process.
For the current stable distribution (woody), this problem has been fixed in version 0.9pl28-1woody1.
pavuk is no longer included in the unstable distribution of Debian.
New webmin packages has been released for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 526-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 3rd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : webmin
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0582 CAN-2004-0583
Two vulnerabilities were discovered in webmin:
CAN-2004-0582: Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to configuration information for a module.
CAN-2004-0583: The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
For the current stable distribution (woody), these problems have been fixed in version 0.94-7woody2.
For the unstable distribution (sid), these problems have been fixed in version 1.150-1.
---------------------------------------------------------------------------
Debian Security Advisory DSA 526-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
July 3rd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : webmin
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0582 CAN-2004-0583
Two vulnerabilities were discovered in webmin:
CAN-2004-0582: Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to configuration information for a module.
CAN-2004-0583: The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
For the current stable distribution (woody), these problems have been fixed in version 0.94-7woody2.
For the unstable distribution (sid), these problems have been fixed in version 1.150-1.
Debian Planet reports that Hilux, an updated Woody installer, has been released
An updated Apache package has been released for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 525-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 24th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : apache
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0492
Georgi Guninski discovered a buffer overflow bug in Apache's mod_proxy module, whereby a remote user could potentially cause arbitrary code to be executed with the privileges of an Apache httpd child process (by default, user www-data). Note that this bug is only exploitable if the mod_proxy module is in use.
Note that this bug exists in a module in the apache-common package, shared by apache, apache-ssl and apache-perl, so this update is sufficient to correct the bug for all three builds of Apache httpd. However, on systems using apache-ssl or apache-perl, httpd will not automatically be restarted.
For the current stable distribution (woody), this problem has been fixed in version 1.3.26-0woody5.
For the unstable distribution (sid), this problem has been fixed in version 1.3.31-2.
We recommend that you update your apache package.
---------------------------------------------------------------------------
Debian Security Advisory DSA 525-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 24th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : apache
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0492
Georgi Guninski discovered a buffer overflow bug in Apache's mod_proxy module, whereby a remote user could potentially cause arbitrary code to be executed with the privileges of an Apache httpd child process (by default, user www-data). Note that this bug is only exploitable if the mod_proxy module is in use.
Note that this bug exists in a module in the apache-common package, shared by apache, apache-ssl and apache-perl, so this update is sufficient to correct the bug for all three builds of Apache httpd. However, on systems using apache-ssl or apache-perl, httpd will not automatically be restarted.
For the current stable distribution (woody), this problem has been fixed in version 1.3.26-0woody5.
For the unstable distribution (sid), this problem has been fixed in version 1.3.31-2.
We recommend that you update your apache package.
New rlpr packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 524-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 19th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : rlpr
Vulnerability : several
Problem-Type : local, remote
Debian-specific: no
CVE Ids : CAN-2004-0393 CAN-2004-0454
jaguar@felinemenace.org discovered a format string vulnerability in rlpr, a utility for lpd printing without using /etc/printcap. While investigating this vulnerability, a buffer overflow was also discovered in related code. By exploiting one of these vulnerabilities, a local or remote user could potentially cause arbitrary code to be executed with the privileges of 1) the rlprd process (remote), or 2) root (local).
CAN-2004-0393: format string vulnerability via syslog(3) in msg() function in rlpr
CAN-2004-0454: buffer overflow in msg() function in rlpr
For the current stable distribution (woody), this problem has been fixed in version 2.02-7woody1.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you update your rlpr package.
---------------------------------------------------------------------------
Debian Security Advisory DSA 524-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 19th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : rlpr
Vulnerability : several
Problem-Type : local, remote
Debian-specific: no
CVE Ids : CAN-2004-0393 CAN-2004-0454
jaguar@felinemenace.org discovered a format string vulnerability in rlpr, a utility for lpd printing without using /etc/printcap. While investigating this vulnerability, a buffer overflow was also discovered in related code. By exploiting one of these vulnerabilities, a local or remote user could potentially cause arbitrary code to be executed with the privileges of 1) the rlprd process (remote), or 2) root (local).
CAN-2004-0393: format string vulnerability via syslog(3) in msg() function in rlpr
CAN-2004-0454: buffer overflow in msg() function in rlpr
For the current stable distribution (woody), this problem has been fixed in version 2.02-7woody1.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you update your rlpr package.
New www-sql packages has been released for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 523-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 19th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : www-sql
Vulnerability : buffer overflow
Problem-Type : local
Debian-specific: no
CVE Ids : CAN-2004-0455
Ulf Härnhammar discovered a buffer overflow vulnerability in www-sql, a CGI program which enables the creation of dynamic web pages by embedding SQL statements in HTML. By exploiting this vulnerability, a local user could cause the execution of arbitrary code by creating a web page and processing it with www-sql.
For the current stable distribution (woody), this problem has been fixed in version 0.5.7-17woody1.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you update your www-sql package.
---------------------------------------------------------------------------
Debian Security Advisory DSA 523-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 19th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : www-sql
Vulnerability : buffer overflow
Problem-Type : local
Debian-specific: no
CVE Ids : CAN-2004-0455
Ulf Härnhammar discovered a buffer overflow vulnerability in www-sql, a CGI program which enables the creation of dynamic web pages by embedding SQL statements in HTML. By exploiting this vulnerability, a local user could cause the execution of arbitrary code by creating a web page and processing it with www-sql.
For the current stable distribution (woody), this problem has been fixed in version 0.5.7-17woody1.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you update your www-sql package.
