Spring navigering over

• Om Debian
• Nyheder
• Få fat i Debian
• Support
• Udviklerhjørnet
• Sideoversigt
• Søg

Debians sikkerhedsbulletin

DSA-298-1 epic4 -- bufferoverløb

Rapporteret den:

2. maj 2003

Berørte pakker:

epic4

Sårbar:

Ja

Referencer i sikkerhedsdatabaser:

I Bugtraq-databasen (hos SecurityFocus): BugTraq-id 7098, BugTraq-id 7095, BugTraq-id 7094, BugTraq-id 7093.
I Mitres CVE-ordbog: CVE-2003-0323.

Yderligere oplysninger:

Timo Sirainen har opdaget flere problemer i EPIC4, en populær klient til Internet Relay Chat (IRC). På en ondsindet server kunne der laves særlige svarstrenge, der kunne få klienten til at skrive ud over buffergrænser. Dette kunne føre til et lammelsesangreb, hvis klienten kun gik ned, men kunne også føre til udførelse af vilkårlig kode under den chattende brugers brugerid.

I den stabile distribution (woody) er disse problemer rettet i version 1.1.2.20020219-2.1.

I den gamle stabile distribution (potato) er disse problemer rettet i version pre2.508-2.3.

I den ustabile distribution (sid) er disse problemer rettet i version 1.1.11.20030409-1.

Vi anbefaler at du opgraderer din EPIC4-pakke.

Rettet i:

Debian GNU/Linux 2.2 (potato)

Kildekode:

http://security.debian.org/pool/updates/main/e/epic4/epic4_pre2.508-2.3.dsc

http://security.debian.org/pool/updates/main/e/epic4/epic4_pre2.508-2.3.diff.gz

http://security.debian.org/pool/updates/main/e/epic4/epic4_pre2.508.orig.tar.gz

Alpha:

http://security.debian.org/pool/updates/main/e/epic4/epic4_pre2.508-2.3_alpha.deb

ARM:

http://security.debian.org/pool/updates/main/e/epic4/epic4_pre2.508-2.3_arm.deb

Intel IA-32:

http://security.debian.org/pool/updates/main/e/epic4/epic4_pre2.508-2.3_i386.deb

Motorola 680x0:

http://security.debian.org/pool/updates/main/e/epic4/epic4_pre2.508-2.3_m68k.deb

PowerPC:

http://security.debian.org/pool/updates/main/e/epic4/epic4_pre2.508-2.3_powerpc.deb

Sun Sparc:

http://security.debian.org/pool/updates/main/e/epic4/epic4_pre2.508-2.3_sparc.deb

Debian GNU/Linux 3.0 (woody)

Kildekode:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1.dsc

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1.diff.gz

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219.orig.tar.gz

Alpha:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1_alpha.deb

ARM:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1_arm.deb

Intel IA-32:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1_i386.deb

Intel IA-64:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1_ia64.deb

HPPA:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1_hppa.deb

Motorola 680x0:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1_m68k.deb

Big endian MIPS:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1_mips.deb

Little endian MIPS:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1_mipsel.deb

PowerPC:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1_powerpc.deb

IBM S/390:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1_s390.deb

Sun Sparc:

http://security.debian.org/pool/updates/main/e/epic4/epic4_1.1.2.20020219-2.1_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.

Denne side findes også på følgende sprog:

Deutsch English español français Português Русский (Russkij) suomi svenska

Sådan opsætter du standardsprogvalg for dokumenter