Login
Newsletter
Werbung
Sicherheit: Ausführen beliebiger FTP-Kommandos in kdelibs
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger FTP-Kommandos in kdelibs
ID: DSA-631-1
Distribution: Debian
Plattformen: Debian woody
Datum: Di, 11. Januar 2005, 12:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1165
http://www.securityfocus.com/bid/11827
Applikationen: KDE Software Compilation

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Debian Security Advisory DSA 631-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
January 10th, 2005                      http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : kdelibs
Vulnerability  : unsanitised input
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-1165
BugTraq ID     : 11827
Debian Bug     : 287201

Thiago Macieira discovered a vulnerability in the kioslave library,
which is part of kdelibs, which allows a remote attacker to execute
arbitrary FTP commands via an ftp:// URL that contains an URL-encoded
newline before the FTP command.

For the stable distribution (woody) this problem has been fixed in
version 2.2.2-13.woody.13.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your kdelibs3 package.


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
--------------------------------

  Source archives:

    kdelibs_2.2.2-13.woody.13.dsc
      Size/MD5 checksum:     1355 9f1e4e8b1a72437dc747d3bfe888c666
    kdelibs_2.2.2-13.woody.13.diff.gz
      Size/MD5 checksum:    60430 c3a698d55e20f3728b4bbe97e9526811
    kdelibs_2.2.2.orig.tar.gz
      Size/MD5 checksum:  6396699 7a9277a2e727821338f751855c2ce5d3

  Architecture independent components:

    kdelibs3-doc_2.2.2-13.woody.13_all.deb
      Size/MD5 checksum:  2564706 9a50557f2f62784657a6e1e32082ecf2

  Alpha architecture:

    kdelibs-dev_2.2.2-13.woody.13_alpha.deb
      Size/MD5 checksum:   757688 dd6923238a88caa78044bd52a2f98d57
    kdelibs3_2.2.2-13.woody.13_alpha.deb
      Size/MD5 checksum:  7533272 9f5b2429c330a0782646085a95908fd3
    kdelibs3-bin_2.2.2-13.woody.13_alpha.deb
      Size/MD5 checksum:   137604 277dc86087dc4403c675317bdb3cf32b
    kdelibs3-cups_2.2.2-13.woody.13_alpha.deb
      Size/MD5 checksum:   202192 208698d6df409f737b5d489115790783
    libarts_2.2.2-13.woody.13_alpha.deb
      Size/MD5 checksum:  1022456 f13b1bf9a0de99922522976a4f0c05c6
    libarts-alsa_2.2.2-13.woody.13_alpha.deb
      Size/MD5 checksum:  1029340 4e6fb0ab7e3ba765617dbd860d910faa
    libarts-dev_2.2.2-13.woody.13_alpha.deb
      Size/MD5 checksum:   198392 0e8b5d5b1e4874744faee948d58435c9
    libkmid_2.2.2-13.woody.13_alpha.deb
      Size/MD5 checksum:   174916 c1f73f9648de0fa7c35dc88f6976a87b
    libkmid-alsa_2.2.2-13.woody.13_alpha.deb
      Size/MD5 checksum:   178366 fd3e1407968bd90f3ca32c1bd3e61bd6
    libkmid-dev_2.2.2-13.woody.13_alpha.deb
      Size/MD5 checksum:    37414 c08246070fb2f52ae94c59b50f82cbf9

  ARM architecture:

    kdelibs-dev_2.2.2-13.woody.13_arm.deb
      Size/MD5 checksum:   743962 47723eb9417b084a049b13824d5f0da9
    kdelibs3_2.2.2-13.woody.13_arm.deb
      Size/MD5 checksum:  6590134 d19e19217d361c4ca229186ce794c213
    kdelibs3-bin_2.2.2-13.woody.13_arm.deb
      Size/MD5 checksum:   104794 a80c15dd83aceecf6d05fb01a381a582
    kdelibs3-cups_2.2.2-13.woody.13_arm.deb
      Size/MD5 checksum:   186800 2de874daa00f8b17807f5efa95ccdac2
    libarts_2.2.2-13.woody.13_arm.deb
      Size/MD5 checksum:   651944 df001c3bba12297757812caa0bcb676a
    libarts-alsa_2.2.2-13.woody.13_arm.deb
      Size/MD5 checksum:   655556 05b24ff6a055b8fbe6ba3f1795631533
    libarts-dev_2.2.2-13.woody.13_arm.deb
      Size/MD5 checksum:   155864 f9268cec205df73dc25602d64738c356
    libkmid_2.2.2-13.woody.13_arm.deb
      Size/MD5 checksum:   125018 60de0c401b10157b45f24c4f34c4d23c
    libkmid-alsa_2.2.2-13.woody.13_arm.deb
      Size/MD5 checksum:   128128 ff5f7f66cc6e4ff8079c18499b5bb8c0
    libkmid-dev_2.2.2-13.woody.13_arm.deb
      Size/MD5 checksum:    37410 b3e2a7b2faae47b21929bc35eb2c98d5

  Intel IA-32 architecture:

    kdelibs-dev_2.2.2-13.woody.13_i386.deb
      Size/MD5 checksum:   743254 4caa9cdefd22a558a2030b806e150717
    kdelibs3_2.2.2-13.woody.13_i386.deb
      Size/MD5 checksum:  6639808 cb49d4526e939979a05b820663551b5c
    kdelibs3-bin_2.2.2-13.woody.13_i386.deb
      Size/MD5 checksum:   106324 4799aeee22a9732ff2549010f3350b2b
    kdelibs3-cups_2.2.2-13.woody.13_i386.deb
      Size/MD5 checksum:   183322 2a63cc241cbe10822f37d1733cca114b
    libarts_2.2.2-13.woody.13_i386.deb
      Size/MD5 checksum:   625464 c98c7031a878f758d226cebe1887eeab
    libarts-alsa_2.2.2-13.woody.13_i386.deb
      Size/MD5 checksum:   629712 0e9c222aa4251970a69546d3c8e28c75
    libarts-dev_2.2.2-13.woody.13_i386.deb
      Size/MD5 checksum:   155900 d539482e4f19dd555ef4fc57727747f8
    libkmid_2.2.2-13.woody.13_i386.deb
      Size/MD5 checksum:   123712 41ed509e764c68c082e73262c21ce332
    libkmid-alsa_2.2.2-13.woody.13_i386.deb
      Size/MD5 checksum:   126790 df83febebfe326d760530ad5f9a79f51
    libkmid-dev_2.2.2-13.woody.13_i386.deb
      Size/MD5 checksum:    37414 0d24cd4d03f4c8dbde9254bbde84232d

  Intel IA-64 architecture:

    kdelibs-dev_2.2.2-13.woody.13_ia64.deb
      Size/MD5 checksum:   768116 91c03e1b564a015d5e92d01ead2f6451
    kdelibs3_2.2.2-13.woody.13_ia64.deb
      Size/MD5 checksum:  8843460 69c19168154f704047d64dd88847c70b
    kdelibs3-bin_2.2.2-13.woody.13_ia64.deb
      Size/MD5 checksum:   153932 7ece8356ca3962b7196f15519114038a
    kdelibs3-cups_2.2.2-13.woody.13_ia64.deb
      Size/MD5 checksum:   257512 2058f03f33ccfcc118d8fe302aeea3b1
    libarts_2.2.2-13.woody.13_ia64.deb
      Size/MD5 checksum:  1045706 c394fc1bd3a8cc10657a573376056cfa
    libarts-alsa_2.2.2-13.woody.13_ia64.deb
      Size/MD5 checksum:  1051150 876d795e349b5eb87fd981c206c0e17c
    libarts-dev_2.2.2-13.woody.13_ia64.deb
      Size/MD5 checksum:   199694 960281cc920bb56c6ae22cb8501c45ab
    libkmid_2.2.2-13.woody.13_ia64.deb
      Size/MD5 checksum:   185712 2cfd9e82757cd6155bdfb8622762db66
    libkmid-alsa_2.2.2-13.woody.13_ia64.deb
      Size/MD5 checksum:   191226 a7ff1986e0d54c69083a519bb41414ce
    libkmid-dev_2.2.2-13.woody.13_ia64.deb
      Size/MD5 checksum:    37408 f03bc5824688ae2188d915c02bd35001

  HP Precision architecture:

    kdelibs-dev_2.2.2-13.woody.13_hppa.deb
      Size/MD5 checksum:   750044 bf9e9538ff0ae4f04d314d0e190ba87f
    kdelibs3_2.2.2-13.woody.13_hppa.deb
      Size/MD5 checksum:  7345290 90e867caf7837b8b2b863c53d1d821bb
    kdelibs3-bin_2.2.2-13.woody.13_hppa.deb
      Size/MD5 checksum:   117690 8f68f3e418000d803ce8dece02af15b6
    kdelibs3-cups_2.2.2-13.woody.13_hppa.deb
      Size/MD5 checksum:   218160 bc41b54ce12b2db6adb6a35547a7bd16
    libarts_2.2.2-13.woody.13_hppa.deb
      Size/MD5 checksum:  1111924 4667cefbe0056a23f337884436c09510
    libarts-alsa_2.2.2-13.woody.13_hppa.deb
      Size/MD5 checksum:  1115514 2c04bec4f2a6e242321b6edaedea0686
    libarts-dev_2.2.2-13.woody.13_hppa.deb
      Size/MD5 checksum:   207908 91c9bc6d622888c0ede43ecba31bcb77
    libkmid_2.2.2-13.woody.13_hppa.deb
      Size/MD5 checksum:   172218 7d5d280cf79772917ce0ab9896b9f361
    libkmid-alsa_2.2.2-13.woody.13_hppa.deb
      Size/MD5 checksum:   176358 8b1cf4d1a479f7e1cea419f2dc1098ab
    libkmid-dev_2.2.2-13.woody.13_hppa.deb
      Size/MD5 checksum:    37408 69293e3f4b104c85adef4521df7d07fd

  Motorola 680x0 architecture:

    kdelibs-dev_2.2.2-13.woody.13_m68k.deb
      Size/MD5 checksum:   740368 2a77fccf3f8a342946575065373dbd62
    kdelibs3_2.2.2-13.woody.13_m68k.deb
      Size/MD5 checksum:  6484976 d315d8f12097fa3dbaa08dcb0be67e1f
    kdelibs3-bin_2.2.2-13.woody.13_m68k.deb
      Size/MD5 checksum:   103834 f03d0a40602fd442df45a229df3dbea6
    kdelibs3-cups_2.2.2-13.woody.13_m68k.deb
      Size/MD5 checksum:   178722 d26c0f719886747d1709c110ad034b16
    libarts_2.2.2-13.woody.13_m68k.deb
      Size/MD5 checksum:   628884 cd8c249abf5f1724b34d4800404dd62b
    libarts-alsa_2.2.2-13.woody.13_m68k.deb
      Size/MD5 checksum:   633404 41ed2c1f76d4d2bc26f98b8bf2fdd895
    libarts-dev_2.2.2-13.woody.13_m68k.deb
      Size/MD5 checksum:   151352 d98fe7855c9794fb39dbb46980a632ab
    libkmid_2.2.2-13.woody.13_m68k.deb
      Size/MD5 checksum:   120964 21aa4fa0c572cf37083b7a90ea8fc00b
    libkmid-alsa_2.2.2-13.woody.13_m68k.deb
      Size/MD5 checksum:   123888 413e21f67c36c46ad05c0824656db826
    libkmid-dev_2.2.2-13.woody.13_m68k.deb
      Size/MD5 checksum:    37418 ff5766f8588e2c08c95002efc6860e70

  Big endian MIPS architecture:

    kdelibs-dev_2.2.2-13.woody.13_mips.deb
      Size/MD5 checksum:   740170 9867121e6108bfdbb5f4b7ca1d6454b8
    kdelibs3_2.2.2-13.woody.13_mips.deb
      Size/MD5 checksum:  6284608 1bff0261be6c8eea8c4cf4cc63f57f8c
    kdelibs3-bin_2.2.2-13.woody.13_mips.deb
      Size/MD5 checksum:   107108 ec5433a58078b3f07658563dd2c46dc9
    kdelibs3-cups_2.2.2-13.woody.13_mips.deb
      Size/MD5 checksum:   161238 4e686e5be67f47c5fda98d3dddef7330
    libarts_2.2.2-13.woody.13_mips.deb
      Size/MD5 checksum:   621128 dd49b6b852e069e1013f492573ee6313
    libarts-alsa_2.2.2-13.woody.13_mips.deb
      Size/MD5 checksum:   625454 71a7a6d2b8840be6fc85d3a9561d33c0
    libarts-dev_2.2.2-13.woody.13_mips.deb
      Size/MD5 checksum:   176112 a83da928b5e671bb91b4b948483301a3
    libkmid_2.2.2-13.woody.13_mips.deb
      Size/MD5 checksum:   124514 55d3861410c4197ed62d038f6b0e0174
    libkmid-alsa_2.2.2-13.woody.13_mips.deb
      Size/MD5 checksum:   127520 d0ed4fa232f26c2614e409b63dcbb404
    libkmid-dev_2.2.2-13.woody.13_mips.deb
      Size/MD5 checksum:    37416 d50528b065c60365fce0f4f547fa1081

  Little endian MIPS architecture:

    kdelibs-dev_2.2.2-13.woody.13_mipsel.deb
      Size/MD5 checksum:   739504 9c820274c13b065fd07f70a7aeb1d76c
    kdelibs3_2.2.2-13.woody.13_mipsel.deb
      Size/MD5 checksum:  6190780 c94de3b327a3ea6e6da8ac924f0c95b8
    kdelibs3-bin_2.2.2-13.woody.13_mipsel.deb
      Size/MD5 checksum:   106116 d3e01486a63d316c7e810c918f552f89
    kdelibs3-cups_2.2.2-13.woody.13_mipsel.deb
      Size/MD5 checksum:   159470 708f7419e7159ee0c9379e21893cb012
    libarts_2.2.2-13.woody.13_mipsel.deb
      Size/MD5 checksum:   613928 d4432e95d2ecf4d27e57addf221290c3
    libarts-alsa_2.2.2-13.woody.13_mipsel.deb
      Size/MD5 checksum:   617482 0949980c00dc4c0e4e2230e7564c79ed
    libarts-dev_2.2.2-13.woody.13_mipsel.deb
      Size/MD5 checksum:   175278 69d9f9e674c087d21cac575a3b719366
    libkmid_2.2.2-13.woody.13_mipsel.deb
      Size/MD5 checksum:   123532 efc8d3c2537bedf25efd48f1ebd36a8b
    libkmid-alsa_2.2.2-13.woody.13_mipsel.deb
      Size/MD5 checksum:   126502 2e3592fb492f5d378f98ba2a4780d57c
    libkmid-dev_2.2.2-13.woody.13_mipsel.deb
      Size/MD5 checksum:    37416 9909601d093c5724f16bef19159f3f86

  PowerPC architecture:

    kdelibs-dev_2.2.2-13.woody.13_powerpc.deb
      Size/MD5 checksum:   741200 72157542a537a782a753d20377791f70
    kdelibs3_2.2.2-13.woody.13_powerpc.deb
      Size/MD5 checksum:  6743390 7b96545e5ae4ec6072bc4cc9a5614d0a
    kdelibs3-bin_2.2.2-13.woody.13_powerpc.deb
      Size/MD5 checksum:   106234 b216558d8fae124b2ef7b84e00e23e2a
    kdelibs3-cups_2.2.2-13.woody.13_powerpc.deb
      Size/MD5 checksum:   182866 efa1b57fdc82602a9e0115ba5da5f98b
    libarts_2.2.2-13.woody.13_powerpc.deb
      Size/MD5 checksum:   691294 bb4194b02266ce96725464dadb914964
    libarts-alsa_2.2.2-13.woody.13_powerpc.deb
      Size/MD5 checksum:   694974 48baf346a6a343e5dcdb71c072a7ff35
    libarts-dev_2.2.2-13.woody.13_powerpc.deb
      Size/MD5 checksum:   154106 597dcec6c1576357d49307bff5caeeb0
    libkmid_2.2.2-13.woody.13_powerpc.deb
      Size/MD5 checksum:   127836 706d72cd9a65dfad671376aec0e05af5
    libkmid-alsa_2.2.2-13.woody.13_powerpc.deb
      Size/MD5 checksum:   130734 30bf40e7f6082cf1deb935296aab00d1
    libkmid-dev_2.2.2-13.woody.13_powerpc.deb
      Size/MD5 checksum:    37418 2d5ef75c2333eb45f6d220705d1a4bde

  IBM S/390 architecture:

    kdelibs-dev_2.2.2-13.woody.13_s390.deb
      Size/MD5 checksum:   742686 d4287af872c4190ea497fa17d1208760
    kdelibs3_2.2.2-13.woody.13_s390.deb
      Size/MD5 checksum:  6743956 3d20d186ccc54d960a61a2b8448f5705
    kdelibs3-bin_2.2.2-13.woody.13_s390.deb
      Size/MD5 checksum:   110756 f8a793df44bd3fa43ebd336955b1c5db
    kdelibs3-cups_2.2.2-13.woody.13_s390.deb
      Size/MD5 checksum:   177228 0b9b04cd294b5f67a2962e5148dee8d9
    libarts_2.2.2-13.woody.13_s390.deb
      Size/MD5 checksum:   642566 f25a3ebbfef855b98e23695ee9cf4b8a
    libarts-alsa_2.2.2-13.woody.13_s390.deb
      Size/MD5 checksum:   647584 6865ea6583be755372d292f58b975e7e
    libarts-dev_2.2.2-13.woody.13_s390.deb
      Size/MD5 checksum:   151696 8c465cb74fa93c4cc22b55e32cfff3c4
    libkmid_2.2.2-13.woody.13_s390.deb
      Size/MD5 checksum:   130184 f3d7293b8c5b615ae5ac87cd3f163ef8
    libkmid-alsa_2.2.2-13.woody.13_s390.deb
      Size/MD5 checksum:   133604 77fc9edf6261076d1b966cf41a2da7ec
    libkmid-dev_2.2.2-13.woody.13_s390.deb
      Size/MD5 checksum:    37414 9ee65840380742736c9c84196efc8a24

  Sun Sparc architecture:

    kdelibs-dev_2.2.2-13.woody.13_sparc.deb
      Size/MD5 checksum:   742052 769ed2038e89a752099b76b3e7013762
    kdelibs3_2.2.2-13.woody.13_sparc.deb
      Size/MD5 checksum:  6580508 77bbc933d96d8f445ac1b33d9fe07a89
    kdelibs3-bin_2.2.2-13.woody.13_sparc.deb
      Size/MD5 checksum:   118032 b5803cc83bfa18ca4ceebc2775ae2a2d
    kdelibs3-cups_2.2.2-13.woody.13_sparc.deb
      Size/MD5 checksum:   184454 4623c000bb8bca53541a70313c117702
    libarts_2.2.2-13.woody.13_sparc.deb
      Size/MD5 checksum:   665306 d97b8aa08520060e4b34c52bde2c30b8
    libarts-alsa_2.2.2-13.woody.13_sparc.deb
      Size/MD5 checksum:   669144 5fa5d0c77445e60b8f9729f571d7e802
    libarts-dev_2.2.2-13.woody.13_sparc.deb
      Size/MD5 checksum:   152112 6371ee88e1c46bd41ddbc7bbb7ec3100
    libkmid_2.2.2-13.woody.13_sparc.deb
      Size/MD5 checksum:   128956 79ecddc9557a7f31a7395d4aa551cc3b
    libkmid-alsa_2.2.2-13.woody.13_sparc.deb
      Size/MD5 checksum:   131662 01919846b6cc30d473eb87022fed41a2
    libkmid-dev_2.2.2-13.woody.13_sparc.deb
      Size/MD5 checksum:    37412 f66c9283e94542c62f125701f6d99178


  These files will probably be moved into the stable distribution on
  its next update.

--------------------------------------------------------------------------------
-
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFB4mH+W5ql+IAeqTIRAvAVAKCOJAuKkPlQlO4S+5OALeumuA9BkQCgptpG
g7Ot6wYU1d7Hclvy6DapxJQ=
=2+4S
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
 listmaster@lists.debian.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung