Debian update for conquest
Secunia Advisory: SA10178
Release Date: 2003-11-10

Critical: Not critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch

OS: Debian GNU/Linux 3.0, Debian GNU/Linux unstable alias sid


CVE reference: CVE-2003-0933


Description:
Debian has issued updated packages for conquest. These fix a vulnerability that malicious local users can exploit to escalate their privileges.

The vulnerability is caused by a boundary error when handling environment variables. This can be exploited to cause buffer overflows and execute arbitrary code with group "conquest" privileges.
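
The bug class described above, shown as an added example with the unchecked pattern beside a bounded one. This is not code from conquest or from the Debian patch; the variable name EXAMPLE_PLAYER_NAME, the 32-byte buffer size and both function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NAME_BUF_SIZE 32  /* assumed fixed buffer size, for illustration */

/*
 * Unchecked pattern (for contrast only, not compiled):
 *
 *     char name[NAME_BUF_SIZE];
 *     strcpy(name, getenv("EXAMPLE_PLAYER_NAME"));
 *
 * In a setgid program the environment is supplied by the invoking user,
 * so the length of the value is attacker-controlled and strcpy() writes
 * past the end of name[] when it exceeds the buffer.
 */

/*
 * Copy an untrusted string into a fixed-size buffer.
 * Returns 0 on success, -1 if the value is missing or does not fit
 * (terminator included). On failure dst is left as the empty string;
 * the value is rejected rather than silently truncated.
 */
int copy_bounded(char *dst, size_t dstsz, const char *value)
{
    const char *end;

    if (dst == NULL || dstsz == 0)
        return -1;
    dst[0] = '\0';
    if (value == NULL)
        return -1;
    /* Look for the terminator within the first dstsz bytes only. */
    end = memchr(value, '\0', dstsz);
    if (end == NULL)
        return -1;                      /* too long for dst */
    memcpy(dst, value, (size_t)(end - value) + 1);
    return 0;
}

/* Fetch an environment variable through the bounded copy. */
int env_to_buffer(const char *name, char *dst, size_t dstsz)
{
    return copy_bounded(dst, dstsz, getenv(name));
}

int main(void)
{
    char name[NAME_BUF_SIZE];

    if (env_to_buffer("EXAMPLE_PLAYER_NAME", name, sizeof name) != 0) {
        fprintf(stderr, "EXAMPLE_PLAYER_NAME unset or too long, ignoring\n");
        return 1;
    }
    printf("name = %s\n", name);
    return 0;
}
```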

Solution:
Apply updated packages.

-- Debian GNU/Linux 3.0 alias woody --

Source archives:

http://security.debian.org/pool/updat...c/conquest/conquest_7.1.1-6woody1.dsc
Size/MD5 checksum: 606 89c7be20d34d9176d18eb51f28c7806e
http://security.debian.org/pool/updat...nquest/conquest_7.1.1-6woody1.diff.gz
Size/MD5 checksum: 32749 27d90e0b6719579833cb064a2b70dcdb
http://security.debian.org/pool/updat...c/conquest/conquest_7.1.1.orig.tar.gz
Size/MD5 checksum: 255029 c02891f6c0c4b8c73a82c1c8185e3025

Alpha architecture:

http://security.debian.org/pool/updat...uest/conquest_7.1.1-6woody1_alpha.deb
Size/MD5 checksum: 366064 b6d212bd4a4880488195d47002e66981

ARM architecture:

http://security.debian.org/pool/updat...nquest/conquest_7.1.1-6woody1_arm.deb
Size/MD5 checksum: 227160 42399fea69c68ce63890e63b1b6c00ef

Intel IA-32 architecture:

http://security.debian.org/pool/updat...quest/conquest_7.1.1-6woody1_i386.deb
Size/MD5 checksum: 228846 f03fd6daf700e6f3bf8def68eff30d72

Intel IA-64 architecture:

http://security.debian.org/pool/updat...quest/conquest_7.1.1-6woody1_ia64.deb
Size/MD5 checksum: 402110 ffbff5ca106ee2d41b28aa15e61f74ce

HP Precision architecture:

http://security.debian.org/pool/updat...quest/conquest_7.1.1-6woody1_hppa.deb
Size/MD5 checksum: 260870 1348a3b191e52a84302ee6304654007f

Motorola 680x0 architecture:

http://security.debian.org/pool/updat...quest/conquest_7.1.1-6woody1_m68k.deb
Size/MD5 checksum: 215282 02fc3e118af479c039dde99cf400dac7

Big endian MIPS architecture:

http://security.debian.org/pool/updat...quest/conquest_7.1.1-6woody1_mips.deb
Size/MD5 checksum: 277570 a538cc763893262f56dbcc247d63f75f

Little endian MIPS architecture:

http://security.debian.org/pool/updat...est/conquest_7.1.1-6woody1_mipsel.deb
Size/MD5 checksum: 275324 ca3d4e2831592b7a0a9b302845895699

PowerPC architecture:

http://security.debian.org/pool/updat...st/conquest_7.1.1-6woody1_powerpc.deb
Size/MD5 checksum: 267460 6c14f9505b9a70a26b251086fb0a4283

IBM S/390 architecture:

http://security.debian.org/pool/updat...quest/conquest_7.1.1-6woody1_s390.deb
Size/MD5 checksum: 241432 f427b9ce0febfe66370b773c84e30a2e

Sun Sparc architecture:

http://security.debian.org/pool/updat...uest/conquest_7.1.1-6woody1_sparc.deb
Size/MD5 checksum: 302096 50f45c32dc171f547ade2d0439e3ebe0


-- Debian GNU/Linux unstable alias sid --

Fixed in version 7.2-5.

Provided and/or discovered by:
Steve Kemp

Original Advisory:
http://www.debian.org/security/2003/dsa-398

