TITLE:
Debian update for ketm

SECUNIA ADVISORY ID:
SA18225

VERIFY ADVISORY:
http://secunia.com/advisories/18225/

CRITICAL:
Not critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Debian GNU/Linux 3.0
http://secunia.com/product/143/
Debian GNU/Linux 3.1
http://secunia.com/product/5307/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/

DESCRIPTION:
Steve Kemp has reported a vulnerability in ketm, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused by a boundary error in support.c when formatting an error message for display. This can be exploited to cause a stack-based buffer overflow via an overly long command line argument and may be exploited to execute arbitrary code with group "games" privileges.

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 3.0 alias woody --
Updated packages: ketm 0.0.6-7woody0, from http://security.debian.org/pool/updates/main/k/ketm/

-- Debian GNU/Linux 3.1 alias sarge --
Updated packages: ketm 0.0.6-17sarge1, from http://security.debian.org/pool/updates/main/k/ketm/

-- Debian GNU/Linux unstable alias sid --
Fixed in version 0.0.6-17sarge1.

PROVIDED AND/OR DISCOVERED BY:
Steve Kemp

ORIGINAL ADVISORY:
http://www.debian.org/security/2005/dsa-926
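
ADDED EXAMPLE:
The bug class named in the DESCRIPTION (a command line argument formatted into a fixed-size stack buffer for an error message), shown with a bounded replacement. This is an added illustration, not code from ketm, Debian or Secunia; the function name format_error, the buffer size ERRMSG_MAX and the message text "unknown option" are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Constructed size: the advisory does not state the buffer size used in ketm. */
#define ERRMSG_MAX 64

/* Unbounded pattern the advisory describes (hypothetical, kept as a comment):
 *
 *     char msg[ERRMSG_MAX];
 *     sprintf(msg, "unknown option: %s", argv[i]);
 *
 * sprintf() copies as many bytes as the argument holds, so the length of a
 * user-supplied string decides how far past msg[] the write goes.
 */

/* Bounded replacement.
 * Returns 0 if the whole message fit, 1 if it was truncated, -1 on error.
 * out is always NUL-terminated when it is non-NULL and outsz > 0. */
int format_error(char *out, size_t outsz, const char *arg)
{
    int n;

    if (out == NULL || outsz == 0 || arg == NULL)
        return -1;

    n = snprintf(out, outsz, "unknown option: %s", arg);
    if (n < 0) {                    /* output error reported by snprintf */
        out[0] = '\0';
        return -1;
    }
    if ((size_t)n >= outsz) {       /* n is the length the full message needed */
        if (outsz > 4)              /* mark the cut; copies "..." plus the NUL */
            memcpy(out + outsz - 4, "...", 4);
        return 1;
    }
    return 0;
}

int main(int argc, char **argv)
{
    char msg[ERRMSG_MAX];
    int i;

    for (i = 1; i < argc; i++) {
        int rc = format_error(msg, sizeof msg, argv[i]);
        if (rc >= 0)
            fprintf(stderr, "%s%s\n", msg, rc ? " [truncated]" : "");
    }
    return 0;
}
```

A return value of 1 is also a cheap signal to log: an argument long enough to truncate the message is one that would have overrun the buffer in the unbounded form.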