Debian fixes multiple flaws

By Bill Brenner, News Writer 19 Jul 2004 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Denial-of-service, buffer overflow and format string vulnerabilities in Debian GNU/Linux that an attacker could use to remotely execute malicious code or crash machines has been fixed. Flaws and fixes in the operating system are outlined in three advisories Debian released over the weekend.

The first fix is for a format string vulnerability in netkit-telnet-ssl, which could allow a remote attacker to execute arbitrary code with the privileges of the telnet daemon (the 'telnetd' user by default). For the stable system, called Woody, the problem has been fixed in version 0.17.17+0.1-2woody1. For the unstable system, called Sid, the problem has been fixed in version 0.17.24+0.1-2.

Copenhagen, Denmark-based IT security firm Secunia calls this flaw "highly critical."

The second fix is for a buffer overflow in l2tpd, an implementation of the layer 2 tunneling protocol. An attacker could use this to execute arbitrary code by transmitting a specially crafted packet. For Woody, Debian said the problem has been fixed in version 0.67-1.2. For Sid, the problem has been fixed in version 0.70-pre20031121-2.

Secunia calls this flaw "moderately critical."

The third fix is for several denial-of-service vulnerabilities in Ethereal, a network traffic analyzer. A malicious person could exploit it to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file. The problem was first reported July 6 and affects versions 0.8.15 up to and including 0.10.4.

Secunia calls the Ethereal flaw "less critical."

Tags: Application Attacks (Buffer Overflows, Cross-Site Scripting),  Denial of Service (DoS) Attack Prevention,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Application Attacks (Buffer Overflows, Cross-Site Scripting) Adobe warns of critical update for Reader, Acrobat 9.1.3 9 Ways to Improve Application Security After an Incident Developers Need Help with Security Errors Buffer overflow tutorial: How to find vulnerabilities, prevent attacks SQL injection protection: A guide on how to prevent and stop attacks Experts rebuke programmers who use SQL injection as feature SANS: Application threats, website flaws pose biggest security threats Mozilla helps Adobe push out faster patches SSH key compromise shuts down Apache website IBM finds sharp spike in malicious content on trusted sites Application Attacks (Buffer Overflows, Cross-Site Scripting) Research Denial of Service (DoS) Attack Prevention VeriSign extends DDoS attack protection service Conficker authors prepping for next stage, researcher says Latest DDoS attacks extremely unsophisticated, experts say DDoS attacks hit U.S., South Korean government websites How to prevent a denial-of-service (DoS) attack I'll be watching you: Wireless IPS How to prevent DDoS attacks on websites How to prevent network denial-of-service attacks What are 'phlashing' attacks? Could someone place a rootkit on an internal network through a router? Denial of Service (DoS) Attack Prevention Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary buffer overflow  (SearchSecurity.com) cache poisoning  (SearchSecurity.com) cyberterrorism  (SearchSecurity.com) dictionary attack  (SearchSecurity.com) directory harvest attack  (SearchSecurity.com) distributed denial-of-service attack  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) ping of death  (SearchSecurity.com) stack smashing  (SearchSecurity.com) SYN flooding  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary