drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in gkrellmd
Name: |
Pufferüberlauf in gkrellmd
|
|
ID: |
MDKSA-2003:087 |
|
Distribution: |
Mandrake |
|
Plattformen: |
Mandrake 9.1 |
|
Datum: |
Fr, 29. August 2003, 13:00 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
GKrellM |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
________________________________________________________________________
Mandrake Linux Security Update Advisory ________________________________________________________________________
Package name: gkrellm Advisory ID: MDKSA-2003:087 Date: August 28th, 2003
Affected versions: 9.1 ________________________________________________________________________
Problem Description:
A buffer overflow was discovered in gkrellmd, the server component of the gkrellm monitor package, in versions of gkrellm 2.1.x prior to 2.1.14. This buffer overflow occurs while reading data from connected gkrellm clients and can lead to possible arbitrary code execution as the user running the gkrellmd server. Updated packages are available for Mandrake Linux 9.1 which correct the problem. ________________________________________________________________________
References: ________________________________________________________________________
Updated Packages: Mandrake Linux 9.1: c02f29d80835be10c7474f7ecd1437ef 9.1/RPMS/gkrellm-2.1.7a-2.2mdk.i586.rpm 293591b66fa463f69a554ac2efcb1940 9.1/RPMS/gkrellm-devel-2.1.7a-2.2mdk.i586.rpm a7b3793b971fef4865ba83d93b055b82 9.1/RPMS/gkrellm-server-2.1.7a-2.2mdk.i586.rpm a3d8c546650754a5d69569a88d35782b 9.1/SRPMS/gkrellm-2.1.7a-2.2mdk.src.rpm
Mandrake Linux 9.1/PPC: 411b6128256554b16c3beeb53bbae224 ppc/9.1/RPMS/gkrellm-2.1.7a-2.2mdk.ppc.rpm 257691a20effd147d53d1dd9d93a12dd ppc/9.1/RPMS/gkrellm-devel-2.1.7a-2.2mdk.ppc.rpm 073b0b1f3d5b1b91776b7769bee8550c ppc/9.1/RPMS/gkrellm-server-2.1.7a-2.2mdk.ppc.rpm a3d8c546650754a5d69569a88d35782b ppc/9.1/SRPMS/gkrellm-2.1.7a-2.2mdk.src.rpm ________________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information): ________________________________________________________________________
To upgrade automatically, use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
A list of FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
All packages are signed by MandrakeSoft for security. You can obtain the GPG public key of the Mandrake Linux Security Team by executing:
gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98
Please be aware that sometimes it takes the mirrors a few hours to update.
You can view other update advisories for Mandrake Linux at:
http://www.mandrakesecure.net/en/advisories/
MandrakeSoft has several security-related mailing list services that anyone can subscribe to. Information on these lists can be obtained by visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team <security linux-mandrake.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE/TuHKmqjQ0CJFipgRAildAJ4soArEhuVkqMztk9RYfCa5ozlRVgCfe9UA P1l5dwePZ0Mv3JmTOwBN6uM= =V/tb -----END PGP SIGNATURE-----
|
|
|
|