Debian update for freesweep
Secunia Advisory: SA9862
Release Date: 2003-09-29

Critical: Not critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch

OS: Debian GNU/Linux 3.0
Debian GNU/Linux unstable alias sid

CVE reference: CVE-2003-0828


Description:
Debian has issued updated packages for freesweep. These fix a vulnerability that malicious local users can exploit to escalate their privileges on a vulnerable system.

The vulnerability is caused by a boundary error when processing various environment variables. Overly long, specially crafted environment variables can cause buffer overflows, which may allow execution of arbitrary code with group "games" privileges.
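
The class of boundary error described above, shown as an added C example that is not freesweep's or Debian's code: an unchecked copy of an environment value into a fixed buffer beside a bounded copy that rejects over-long input. The variable name DEMO_SAVE_DIR, the buffer size and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SAVE_DIR_MAX 64   /* constructed size; the advisory gives no buffer sizes */

enum env_status { ENV_OK = 0, ENV_UNSET = -1, ENV_TOO_LONG = -2 };

/* Unchecked pattern: whoever sets the variable decides how many bytes are written. */
void copy_value_unchecked(char *dst, const char *val)
{
    strcpy(dst, val);   /* writes past dst whenever strlen(val) >= its size */
}

/* Bounded pattern: measure first, refuse over-long input rather than truncate it. */
enum env_status copy_value_bounded(char *dst, size_t dstsize, const char *val)
{
    if (val == NULL)
        return ENV_UNSET;
    size_t len = strlen(val);
    if (len >= dstsize)
        return ENV_TOO_LONG;
    memcpy(dst, val, len + 1);   /* len + 1 copies the terminating NUL */
    return ENV_OK;
}

/* Wrapper for the environment case; getenv() returns NULL for an unset name. */
enum env_status copy_env_bounded(char *dst, size_t dstsize, const char *name)
{
    return copy_value_bounded(dst, dstsize, getenv(name));
}

int main(void)
{
    char dir[SAVE_DIR_MAX];
    /* DEMO_SAVE_DIR is a hypothetical variable name used only for this example. */
    enum env_status st = copy_env_bounded(dir, sizeof dir, "DEMO_SAVE_DIR");
    if (st == ENV_OK)
        printf("using %s\n", dir);
    else
        fprintf(stderr, "DEMO_SAVE_DIR %s; using built-in default\n",
                st == ENV_UNSET ? "is not set" : "is too long");
    return st == ENV_TOO_LONG ? EXIT_FAILURE : EXIT_SUCCESS;
}
```

In a set-group-ID program the environment is supplied by the invoking user, so every value read from it needs this kind of length check before it reaches a fixed-size buffer.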

Solution:
Updated packages:

-- Debian GNU/Linux 3.0 alias woody --

Source archives:

http://security.debian.org/pool/updat.../freesweep/freesweep_0.88-4woody1.dsc
Size/MD5 checksum: 604 3b4fcb708f68923f54b4e6e9a75cdf2f
http://security.debian.org/pool/updat...esweep/freesweep_0.88-4woody1.diff.gz
Size/MD5 checksum: 23476 8aa97d3f8d182be549621937a1de34a7
http://security.debian.org/pool/updat.../freesweep/freesweep_0.88.orig.tar.gz
Size/MD5 checksum: 72711 cfcbe96ee572d4e737da3166f20c3f85

Alpha architecture:

http://security.debian.org/pool/updat...weep/freesweep_0.88-4woody1_alpha.deb
Size/MD5 checksum: 41584 a80ee65d7609074a5fd0bb72a89d35c8

ARM architecture:

http://security.debian.org/pool/updat...esweep/freesweep_0.88-4woody1_arm.deb
Size/MD5 checksum: 35648 42e0fea755cf1de15b96b6441bbca232

Intel IA-32 architecture:

http://security.debian.org/pool/updat...sweep/freesweep_0.88-4woody1_i386.deb
Size/MD5 checksum: 35920 f4d5a64504e5f47aecd81178826c9386

Intel IA-64 architecture:

http://security.debian.org/pool/updat...sweep/freesweep_0.88-4woody1_ia64.deb
Size/MD5 checksum: 49758 b85c448dc51c6abf177287064e458ec2

HP Precision architecture:

http://security.debian.org/pool/updat...sweep/freesweep_0.88-4woody1_hppa.deb
Size/MD5 checksum: 40832 da4299857ed94f24e99581fc8aa7c55b

Motorola 680x0 architecture:

http://security.debian.org/pool/updat...sweep/freesweep_0.88-4woody1_m68k.deb
Size/MD5 checksum: 33690 edf0a457199e07e44c3c7b787ab50466

Big endian MIPS architecture:

http://security.debian.org/pool/updat...sweep/freesweep_0.88-4woody1_mips.deb
Size/MD5 checksum: 37940 2a33af6b5b6fc76e67708768492d4e10

Little endian MIPS architecture:

http://security.debian.org/pool/updat...eep/freesweep_0.88-4woody1_mipsel.deb
Size/MD5 checksum: 37982 3a106328946d6115590228df1112e8b3

PowerPC architecture:

http://security.debian.org/pool/updat...ep/freesweep_0.88-4woody1_powerpc.deb
Size/MD5 checksum: 36332 03da264cc52ea053cfa19c96ee0a56dd

IBM S/390 architecture:

http://security.debian.org/pool/updat...sweep/freesweep_0.88-4woody1_s390.deb
Size/MD5 checksum: 36576 25ba7c0f70f83c2081b7b47a74b3b579

Sun Sparc architecture:

http://security.debian.org/pool/updat...weep/freesweep_0.88-4woody1_sparc.deb
Size/MD5 checksum: 38638 f59794b6e93379516b6a2b979b4a2db8


-- Debian GNU/Linux unstable alias sid --

This will reportedly be fixed soon.

Provided and/or discovered by:
Steve Kemp

Original Advisory:
http://www.debian.org/security/2003/dsa-391


About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.