-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
             AUSCERT External Security Bulletin Redistribution

            ESB-2003.0665 -- Debian Security Advisory DSA-387-1
                 New gopher packages fix buffer overflows
                             22 September 2003

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                gopherd
Publisher:              Debian
Operating System:       Debian GNU/Linux 3.0
                        Linux
Impact:                 Execute Arbitrary Code/Commands
Access Required:        Remote
CVE Names:              CAN-2003-0805

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 387-1                     security@debian.org
http://www.debian.org/security/                             Matt Zimmerman
September 18th, 2003                    http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : gopher
Vulnerability  : buffer overflows
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2003-0805

gopherd, a gopher server from the University of Minnesota, contains a
number of buffer overflows which could be exploited by a remote
attacker to execute arbitrary code with the privileges of the gopherd
process (the "gopher" user by default).

For the stable distribution (woody) this problem has been fixed in
version 3.0.3woody1.

This program has been removed from the unstable distribution (sid).
gopherd is deprecated, and users are recommended to use PyGopherd instead.

We recommend that you update your gopherd package.

Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1.dsc
      Size/MD5 checksum:      552 76894dc1222e79774f40224324f0ad7f
    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1.tar.gz
      Size/MD5 checksum:   508417 06bc48d36dc86d7b16ff4d3127e6af6b

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1_alpha.deb
      Size/MD5 checksum:   151236 5218f20b73cf27e24caf8fc096ee6b91
    http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody1_alpha.deb
      Size/MD5 checksum:   119994 3c11c4950de29f3f9b9657be7280659f

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1_arm.deb
      Size/MD5 checksum:   114484 8ee45328aae7009263c4032671b7bf56
    http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody1_arm.deb
      Size/MD5 checksum:    98494 1890c8e32bd42994a9a1d3042d110e86

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1_i386.deb
      Size/MD5 checksum:   112374 6b57793273a1bad97d0640a8d01e14b9
    http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody1_i386.deb
      Size/MD5 checksum:    96740 f8ed5c064754ed584a31eaf1b100825e

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1_ia64.deb
      Size/MD5 checksum:   173530 e6a1b592a571aed9ffaba35068a0495e
    http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody1_ia64.deb
      Size/MD5 checksum:   139634 64803a5dd1dff2e88fcfc68f6ef9ee11

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1_hppa.deb
      Size/MD5 checksum:   129748 b5c718e641270c8e1b589135c509a4d5
    http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody1_hppa.deb
      Size/MD5 checksum:   109600 efcf89e4af0d362d879f24e588883e26

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1_m68k.deb
      Size/MD5 checksum:   105664 82e0ef414d07be4eea0cb1f747968575
    http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody1_m68k.deb
      Size/MD5 checksum:    91786 718d9631c2d1824d6e8ef631eadfeb78

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1_mips.deb
      Size/MD5 checksum:   130662 ab224c0de3c08876d55a1f93f2830190
    http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody1_mips.deb
      Size/MD5 checksum:   109360 0a74a8980e0878a7828c2c2466e5d790

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1_mipsel.deb
      Size/MD5 checksum:   130674 1d585c488b273c8bf91399ffb881ed26
    http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody1_mipsel.deb
      Size/MD5 checksum:   109308 aad80866bf9d615a079f70080e4b7c9f

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1_powerpc.deb
      Size/MD5 checksum:   120924 8b5741c2db865625ff6ed00087d77fa0
    http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody1_powerpc.deb
      Size/MD5 checksum:   102660 e51128248e56bb60eab6ab4a2974e3d8

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1_s390.deb
      Size/MD5 checksum:   116154 117945606232036f793a9949b9ac0141
    http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody1_s390.deb
      Size/MD5 checksum:    99710 e7e3cb0d53b024d13be36af41fcf9994

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1_sparc.deb
      Size/MD5 checksum:   121790 2f6db0257015d8a42230e3e8e95f9f28
    http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody1_sparc.deb
      Size/MD5 checksum:   102074 dcfd0b3412c55d9d8f911c9f9204fd08

  These files will probably be moved into the stable distribution on
  its next revision.
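
The wget / dpkg -i steps above, with the downloaded file checked against its "Size/MD5 checksum" line before installation. This is an added example, not part of the Debian advisory; the function names advisory_entries and verify_download are made up for it, and it assumes the advisory text is saved to a local file and that awk and md5sum are available.

```shell
#!/bin/sh
# advisory_entries: read advisory text on stdin and print "filename size md5"
# for each URL line that is followed by its "Size/MD5 checksum:" line.
advisory_entries() {
    awk '
        $1 ~ /^http:\/\/security\.debian\.org\// {
            n = split($1, parts, "/"); name = parts[n]; next
        }
        /Size\/MD5 checksum:/ && name != "" {
            print name, $(NF-1), $NF; name = ""
        }'
}

# verify_download ADVISORY FILE: return 0 only if FILE has the size and MD5
# that ADVISORY lists for its basename; 1 on mismatch; 2 if the file is
# missing or the advisory does not list it.
verify_download() {
    advisory=$1
    file=$2
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    entry=$(advisory_entries < "$advisory" |
            awk -v f="$(basename "$file")" '$1 == f { print $2, $3; exit }')
    [ -n "$entry" ] || { echo "not listed in advisory: $file" >&2; return 2; }
    want_size=${entry% *}
    want_md5=${entry#* }
    got_size=$(wc -c < "$file" | tr -d ' ')
    got_md5=$(md5sum "$file" | cut -d' ' -f1)
    if [ "$got_size" = "$want_size" ] && [ "$got_md5" = "$want_md5" ]; then
        return 0
    fi
    echo "MISMATCH $file: size $got_size (want $want_size)," \
         "md5 $got_md5 (want $want_md5)" >&2
    return 1
}

# Demo on two lines copied from this advisory; prints:
# gopher_3.0.3woody1.dsc 552 76894dc1222e79774f40224324f0ad7f
advisory_entries <<'EOF'
    http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody1.dsc
      Size/MD5 checksum:      552 76894dc1222e79774f40224324f0ad7f
EOF
```

Typical use is `verify_download advisory.txt gopherd_3.0.3woody1_i386.deb && dpkg -i gopherd_3.0.3woody1_i386.deb`. The listed values are only as trustworthy as the advisory copy they were read from, so check its PGP signature first; MD5 on its own detects a corrupted or swapped download, not a deliberately crafted collision.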

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/amg8ArxCt0PiXR4RAjgVAJ4rEWwah7TfSESBC07AutN6k7z4MQCeP2EH
51x1gPLs80Tyv9ol9Pr1ogY=
=bSRw
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business 
                hours which are GMT+10:00 (AEST).  On call after hours 
                for member emergencies only.
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBP25a4yh9+71yA2DNAQEBcQP/Z2LEtyawngtU+NiYfbqXdbsETNtaEmFI
TBHvRlE1huESMUnjhB4U0zKH8PQ5DRsionkaLx5g0/gqqjo//04t/1j6qC4fSWA8
mPUsfYtQ3B9jGK2GhE3BbQyRUXWj/tUpQSZDDCKOKeTKDIm3LopMs00QBy6V14Rd
tVYyCh6vKJM=
=QGkQ
-----END PGP SIGNATURE-----