UNIRAS Brief - 100/04 - Two Debian Security Advisories

----------------------------------------------------------------------------------
  UNIRAS (UK Govt CERT) Briefing Notice - 100/04 dated 03.03.04  Time: 14:40
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
----------------------------------------------------------------------------------
  UNIRAS material is also available from its website at www.uniras.gov.uk and
  Information about NISCC is available from www.niscc.gov.uk
----------------------------------------------------------------------------------

Title
=====

DSA 451-1: New xboing packages fix buffer overflows.

DSA 452-1: New libapache-mod-python packages fix denial of service.

Detail
======

1. Steve Kemp discovered a number of buffer overflow vulnerabilities in xboing,
a game, which could be exploited by a local attacker to gain gid "games".

2. The Apache Software Foundation announced that some versions of mod_python
contain a bug which, when processing a request with a malformed query string, 
could cause the corresponding Apache child to crash.  This bug could be exploited
by a remote attacker to cause a denial of service.

1.

--------------------------------------------------------------------------
Debian Security Advisory DSA 451-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
February 27th, 2004                     http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : xboing
Vulnerability  : buffer overflows
Problem-Type   : local
Debian-specific: no
CVE Id         : CAN-2004-0149
Debian bug     : 174924

Steve Kemp discovered a number of buffer overflow vulnerabilities in xboing, a game, which could be exploited by a local attacker to gain gid "games".

For the current stable distribution (woody) these problems have been fixed in version 2.4-26woody1.

For the unstable distribution (sid), these problems have been fixed in version 2.4-26.1.

We recommend that you update your xboing package.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.
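The manual route above (wget, then dpkg -i) leaves checking the downloaded file against the "Size/MD5 checksum" lines to the administrator. The script below is an added example, not Debian's or UNIRAS's own tooling; it assumes the advisory text has been saved to a file and that md5sum from GNU coreutils is installed, and the listing and package files it checks are constructed placeholders rather than real packages. The same check applies to the DSA 452-1 listing further down.

```shell
#!/bin/sh
# Check a fetched .deb against the advisory's "Size/MD5 checksum" line before
# handing it to "dpkg -i", so a corrupted or substituted download is rejected.
# Added example, not Debian's or UNIRAS's own tooling; it assumes the advisory
# text was saved to a file and that md5sum (GNU coreutils) is installed.

# expected_for LISTING FILENAME: print the "SIZE MD5" recorded for FILENAME
expected_for() {
    awk -v f="$2" '
        length($0) > length(f) && substr($0, length($0) - length(f)) == "/" f {
            want = 1; next      # URL line ends in the requested file name
        }
        want && /Size\/MD5 checksum:/ { print $3, $4; exit }
        { want = 0 }            # anything else breaks the URL/checksum pair
    ' "$1"
}

# verify_deb LISTING FILE: succeed only if size and MD5 both match the listing
verify_deb() {
    listing=$1; file=$2
    set -- $(expected_for "$listing" "$(basename "$file")")
    [ $# -eq 2 ] || { echo "no checksum entry for $file" >&2; return 1; }
    want_size=$1; want_md5=$2
    have_size=$(wc -c < "$file" | tr -d ' ')
    have_md5=$(md5sum "$file" | cut -d' ' -f1)
    [ "$have_size" = "$want_size" ] && [ "$have_md5" = "$want_md5" ]
}

# Constructed sample listing in the advisory's layout. The package name is a
# placeholder and the checksum is that of the 6-byte file written below.
WORK=$(mktemp -d)
cat > "$WORK/listing.txt" <<'EOF'
  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/e/example/example_1.0-1_i386.deb
      Size/MD5 checksum:        6 b1946ac92492d2347c6235b4d2611184
EOF
GOOD="$WORK/example_1.0-1_i386.deb"
BAD="$WORK/bad/example_1.0-1_i386.deb"       # same name and size, altered content
mkdir "$WORK/bad"
printf 'hello\n' > "$GOOD"
printf 'hellO\n' > "$BAD"

verify_deb "$WORK/listing.txt" "$GOOD" && echo "ok: $GOOD matches, safe for dpkg -i"
verify_deb "$WORK/listing.txt" "$BAD" || echo "rejected: MD5 mismatch for $BAD"
```

The second file has the right name and size but different content, which is why the size check alone is not enough and both values are compared.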

Debian GNU/Linux 3.0 alias woody
--------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1.dsc
      Size/MD5 checksum:      580 f9ef94d37b5db34cf867d172529ad325
    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1.diff.gz
      Size/MD5 checksum:    13200 3627d000f33d496e5092bef84c92963e
    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4.orig.tar.gz
      Size/MD5 checksum:   586869 3b6ebbf4321cffc69048e5611aa9d28d

  Alpha architecture:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1_alpha.deb
      Size/MD5 checksum:   533078 77530ad6b6abdb480af6a7d5ba03d609

  ARM architecture:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1_arm.deb
      Size/MD5 checksum:   520166 de88300d9d4d6232b0e04d8dc700d5f1

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1_i386.deb
      Size/MD5 checksum:   510744 21f12476ececfab492a3525162e465bf

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1_ia64.deb
      Size/MD5 checksum:   575066 d59a129a157f2c7f0d6b155d5c219c24

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1_hppa.deb
      Size/MD5 checksum:   516918 ef35a77de22e3785953b4824ae0f1324

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1_m68k.deb
      Size/MD5 checksum:   509124 065f733083fac4310355ed1d212b386d

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1_mips.deb
      Size/MD5 checksum:   525836 b0af1feb5d8ced400a5e783f0abcfcd9

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1_mipsel.deb
      Size/MD5 checksum:   523436 34f791984ef83ac3237c40a3a615e3a0

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1_powerpc.deb
      Size/MD5 checksum:   512960 09be35d56f9707f45cda7971c1996b58

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1_s390.deb
      Size/MD5 checksum:   515484 2d00881d1d4204fef37e9a650bf96b90

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woody1_sparc.deb
      Size/MD5 checksum:   515784 517ce299d41930a7ed18ac2b48f178a1

  These files will probably be moved into the stable distribution on
  its next revision.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

2.

--------------------------------------------------------------------------
Debian Security Advisory DSA 452-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
February 29th, 2004                     http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : libapache-mod-python
Vulnerability  : denial of service
Problem-Type   : remote
Debian-specific: no
CVE Id         : CAN-2003-0973
Debian bug     : 222828

The Apache Software Foundation announced that some versions of mod_python contain a bug which, when processing a request with a malformed query string, could cause the corresponding Apache child to crash.  This bug could be exploited by a remote attacker to cause a denial of service.

For the current stable distribution (woody) this problem has been fixed in version 2:2.7.8-0.0woody2.

For the unstable distribution (sid), this problem has been fixed in version 2:2.7.10-1.

We recommend that you update your libapache-mod-python package.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
--------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2.dsc
      Size/MD5 checksum:      715 3f6bd19f154109251e7ee9b8db73ebfb
    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2.diff.gz
      Size/MD5 checksum:     7564 bad7102a98f242d28ff3736e4e971fe5
    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8.orig.tar.gz
      Size/MD5 checksum:   176639 4d5bee8317bfb45a3bb09f02b435e917

  Alpha architecture:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2_alpha.deb
      Size/MD5 checksum:   120032 20e1ba89516235ec67df12f8a0236198

  ARM architecture:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2_arm.deb
      Size/MD5 checksum:   117906 64b6fbcbe483dc388f5cb4e75fa63610

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2_i386.deb
      Size/MD5 checksum:   117296 e2ab69380e7e9451ab454605cb1d3e34

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2_ia64.deb
      Size/MD5 checksum:   131076 cea1f9dca578ba7e4cac7a7bc8638829

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2_hppa.deb
      Size/MD5 checksum:   119784 fcfe4d4ddbdbf29255a51eee77c10422

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2_m68k.deb
      Size/MD5 checksum:   118270 dff9473d327a981959831c9a08a48053

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2_mips.deb
      Size/MD5 checksum:   117288 0d51ab71f85b5d93b23f593be4e8e7e6

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2_mipsel.deb
      Size/MD5 checksum:   117018 52d9bca3ae178e68ef20b64dfb6b96a9

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2_powerpc.deb
      Size/MD5 checksum:   118232 6a42f9f8f923837788b586c711a6fa6b

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2_s390.deb
      Size/MD5 checksum:   119002 f13e42b816e93b5c6533df6b8c0aa597

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody2_sparc.deb
      Size/MD5 checksum:   118176 23da855358f4b8cff799a9478c8e2d81

  These files will probably be moved into the stable distribution on
  its next revision.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>


----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by
telephone; Not Protectively Marked information may also be sent by e-mail
to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 20 7821 1330 Ext 4511
Fax: +44 (0) 20 7821 1686

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 20 7821 1330 and follow the prompts

----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Debian for the information 
contained in this Briefing. 
----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade
name, trademark, manufacturer, or otherwise, does not constitute or imply
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views
and opinions of authors expressed within this notice shall not be used for
advertising or product endorsement purposes.

Neither UNIRAS nor NISCC accepts responsibility for any errors or omissions
contained within this briefing notice. In particular, they shall not be
liable for any loss or damage whatsoever, arising from or in connection
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
----------------------------------------------------------------------------------
<End of UNIRAS Briefing>
