Debian Mah-Jong Two Unspecified Vulnerabilities - Secunia Advisories - Vulnerability Intelligence

Debian Mah-Jong Two Unspecified Vulnerabilities
Secunia Advisory:	SA9687	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2003-09-09
Popularity:	8,932 views

Critical:	Highly critical
Impact:	DoS System access
Where:	From remote
Solution Status:	Vendor Patch

OS:	Debian GNU/Linux 3.0 Debian GNU/Linux unstable alias sid

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2003-0705 CVE-2003-0706

Description: Debian has reported two vulnerabilities in mah-jong, which can be exploited by malicious people to compromise a vulnerable system or cause a DoS (Denial of Service). An unspecified boundary error can be exploited to cause a buffer overflow. This may allow execution of arbitrary code with the privileges of the mah-jong server. Another unspecified error can be exploited to cause the server to enter a loop and stop responding to commands. Solution: Updated packages: -- Debian GNU/Linux 3.0 alias woody -- Source archives: http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4-2.dsc Size/MD5 checksum: 579 b473dfb32c1765f3b96a1d4897a728a5 http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4-2.diff.gz Size/MD5 checksum: 23814 c0465cd149b6f9bfc7f0096ab5d0d192 http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4.orig.tar.gz Size/MD5 checksum: 259474 21cc99ddb9ae91cbe02b2119586f8860 Alpha architecture: http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4-2_alpha.deb Size/MD5 checksum: 311378 0ff83a703283cad7faa06609d330d9ef ARM architecture: http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4-2_arm.deb Size/MD5 checksum: 272324 e6974d354918f6f4d0dffa3bb3eb4b9f Intel IA-32 architecture: http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4-2_i386.deb Size/MD5 checksum: 250012 a4f7d586918c3a712d073aa9e8e42bd5 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4-2_ia64.deb Size/MD5 checksum: 379856 b63ee72a1a2f4ac16e902ae0f8b5b3e1 HP Precision architecture: http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4-2_hppa.deb Size/MD5 checksum: 286728 c4c544f15f09199b753848cb7ee417d9 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4-2_m68k.deb Size/MD5 checksum: 234410 91682fc41ab6fb8b57ebfb09681f3180 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4-2_mips.deb Size/MD5 checksum: 261874 977e1d059bbaca988a3cb60636e74d17 Little endian MIPS architecture: http://security.debian.org/pool/updat.../m/mah-jong/mah-jong_1.4-2_mipsel.deb Size/MD5 checksum: 261666 45e1785dd5c17dcbec971fc8024b8787 PowerPC architecture: http://security.debian.org/pool/updat...m/mah-jong/mah-jong_1.4-2_powerpc.deb Size/MD5 checksum: 271566 5d25f219fdb987ca014775ae4ae9ee9c IBM S/390 architecture: http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4-2_s390.deb Size/MD5 checksum: 246116 be071c93713eb1257f9a8b8225968ad8 Sun Sparc architecture: http://security.debian.org/pool/updates/main/m/mah-jong/mah-jong_1.4-2_sparc.deb Size/MD5 checksum: 269392 78b122c5b4145b039dda06d4e16cfe48 -- Debian GNU/Linux unstable alias sid -- Fixed in version 1.5.6-2. Provided and/or discovered by: Nicolas Boullis Original Advisory: http://www.debian.org/security/2003/dsa-378

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

2nd Dec, 2008

New advisories:	14
New vulnerabilities:	21
Updated advisories:	26

Less // 402 views

Linksys WRT160N Cross-Site Scripting Vulnerability

Less // 386 views

IBM Rational ClearQuest Multiple Vulnerabilities

Not // 308 views

Debian update for flamethrower

Not // 297 views

flamethrower Insecure Temporary Files

Less // 356 views

IBM Rational ClearCase Cross-Site Scripting Vulnerability

Not // 344 views

DAHDI "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerability

Not // 338 views

Zaptel "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerabilities

Moderately // 325 views

Rumpus Multiple Vulnerabilities

Less // 345 views

bcoos "cid" SQL Injection Vulnerability

Moderately // 358 views

ASP Portal "ASPPortal.mdb" Database Disclosure Security Issue

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.