




Category:  Application (Generic)  >  Gpm
Vendors:  [Multiple Authors/Vendors]
GPM Console Menu Utility Contains Format String Bug That Gives Local Users Root Access
Date:  Dec 27 2001
Impact:  Execution of arbitrary code via local system, Root access via local system
Fix Available:  Yes   Vendor Confirmed:  Yes  
Version(s): prior to 1.17.8-18.1
Description:  Debian reported a vulnerability in a component of the 'gpm' package. A local user can obtain root level access on the host.

It is reported that gpm-root, part of the 'gpm' package, contains a format string
vulnerability that allows a local user to gain root privileges.

Impact:  A local user can execute commands on the host with root level privileges, giving the user root level access on the host.
Solution:  Debian has released a fix for Debian GNU/Linux 2.2 alias potato:

Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

Source archives:
http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8-18.1.diff.gz
MD5 checksum: 8c48aa1656391d3755c289a87db13bf0
http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8-18.1.dsc
MD5 checksum: bafbe8ffe73d3b5783e9841f1894af77
http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8.orig.tar.gz
MD5 checksum: 9d50c299bf925996546efaf32de1db7b

Alpha architecture:
http://security.debian.org/dists/stable/updates/main/binary-alpha/gpm_1.17.8-18.1_alpha.deb
MD5 checksum: 0e50705cadfd58777d02fa6806c10bdf
http://security.debian.org/dists/stable/updates/main/binary-alpha/libgpmg1-dev_1.17.8-18.1_alpha.deb
MD5 checksum: cbeeeac3795318255126814d71b7b945
http://security.debian.org/dists/stable/updates/main/binary-alpha/libgpmg1_1.17.8-18.1_alpha.deb
MD5 checksum: f5dd9e395259b037d20e013e112a55e8

ARM architecture:
http://security.debian.org/dists/stable/updates/main/binary-arm/gpm_1.17.8-18.1_arm.deb
MD5 checksum: 6b41896ddfed4a119d17e5d8e8391384
http://security.debian.org/dists/stable/updates/main/binary-arm/libgpmg1-dev_1.17.8-18.1_arm.deb
MD5 checksum: f02444fc5a9a6a7c7da0e1cb19df24a6
http://security.debian.org/dists/stable/updates/main/binary-arm/libgpmg1_1.17.8-18.1_arm.deb
MD5 checksum: 0ae3eb96377394d65e0e8031d0019147

Intel IA-32 architecture:
http://security.debian.org/dists/stable/updates/main/binary-i386/gpm_1.17.8-18.1_i386.deb
MD5 checksum: 18c837abec8360db146681d2a713177a
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpm1-altdev_1.17.8-18.1_i386.deb
MD5 checksum: f60aa2b9720ee597f18fa3fa86a8af6e
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpm1_1.17.8-18.1_i386.deb
MD5 checksum: 815a1e90fe36e603f0803f92b6898f19
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpmg1-dev_1.17.8-18.1_i386.deb
MD5 checksum: 514a1baee569e548349f7c4dc2941f3d
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpmg1_1.17.8-18.1_i386.deb
MD5 checksum: 52014c36f8155a0c89e9ade02d91cdbe

Motorola 680x0 architecture:
http://security.debian.org/dists/stable/updates/main/binary-m68k/gpm_1.17.8-18.1_m68k.deb
MD5 checksum: ce61772d26c799bce33d729ed7fc67b7
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpm1-altdev_1.17.8-18.1_m68k.deb
MD5 checksum: 923894ee7bdc1a8e648881eaf5f372da
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpm1_1.17.8-18.1_m68k.deb
MD5 checksum: 019de1ecb144e3d10b5978ea640a24c4
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpmg1-dev_1.17.8-18.1_m68k.deb
MD5 checksum: 88d75f4b1f85e6aee903f886b311e127
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpmg1_1.17.8-18.1_m68k.deb
MD5 checksum: 1ea940b2e3c5d7fade43d75ed3253569

PowerPC architecture:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/gpm_1.17.8-18.1_powerpc.deb
MD5 checksum: aa2415e6f489af235e173d6d5a69b05f
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libgpmg1-dev_1.17.8-18.1_powerpc.deb
MD5 checksum: cd823ce39eb4125ed4a8dd0c17362107
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libgpmg1_1.17.8-18.1_powerpc.deb
MD5 checksum: 0188cb6c4ffd82a146812e53c1387918

Sun Sparc architecture:
http://security.debian.org/dists/stable/updates/main/binary-sparc/gpm_1.17.8-18.1_sparc.deb
MD5 checksum: b703c2e30b52446508f18951551839a3
http://security.debian.org/dists/stable/updates/main/binary-sparc/libgpmg1-dev_1.17.8-18.1_sparc.deb
MD5 checksum: b8a75b6ab45f649b9e458cf778545a9e
http://security.debian.org/dists/stable/updates/main/binary-sparc/libgpmg1_1.17.8-18.1_sparc.deb
MD5 checksum: fa4ae1bda04f3b13622d6e6bc9ffcb35
These packages will be moved into the stable distribution on its next revision.
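
The listing above pairs each package URL with an MD5 checksum, and the advisory's instructions are to fetch the file and run `dpkg -i` on it. The following added example (not part of the Debian advisory or of SecurityTracker's entry) checks a downloaded file against a listing in that layout before installation; the function names, the listing file and the demo package are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check a downloaded .deb against the advisory's
# "URL / MD5 checksum:" pairs before handing it to dpkg -i.

# Read an advisory listing on stdin; print "md5  filename" per package.
parse_listing() {
    awk '
        /^[ \t]*(http|ftp):\/\// { n = split($1, p, "/"); name = p[n]; next }
        /MD5 checksum:/ && name != "" { print tolower($NF) "  " name; name = "" }
    '
}

# verify_pkg LISTING PACKAGE
# 0 = name listed and MD5 matches, 1 = mismatch, 2 = name not in listing.
verify_pkg() {
    listing=$1
    pkg=$2
    base=$(basename "$pkg")
    want=$(parse_listing < "$listing" | awk -v f="$base" '$2 == f { print $1; exit }')
    if [ -z "$want" ]; then
        echo "not listed, refusing: $base" >&2
        return 2
    fi
    have=$(md5sum "$pkg" | awk '{ print $1 }')
    if [ "$have" != "$want" ]; then
        echo "MD5 mismatch, refusing: $base" >&2
        return 1
    fi
    echo "verified: $base"
}

# Demo on constructed data (hypothetical package name; the checksum is
# the MD5 of the five bytes "hello", not a value from the advisory).
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d)
    printf 'hello' > "$tmp/demo_1.0-1_all.deb"
    cat > "$tmp/listing.txt" <<'EOF'
  Constructed architecture:
    http://example.invalid/updates/demo_1.0-1_all.deb
      MD5 checksum: 5d41402abc4b2a76b9719d911017c592
EOF
    verify_pkg "$tmp/listing.txt" "$tmp/demo_1.0-1_all.deb" && echo "would run: dpkg -i demo_1.0-1_all.deb"
    rm -rf "$tmp"
fi
```

A URL broken by stray whitespace yields a truncated file name, so the lookup fails closed with "not listed" rather than matching the wrong entry. The checksums are only as trustworthy as the copy of the advisory they were read from, so take the listing from the PGP-verified message.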

Cause:  Input validation error
Underlying OS:  Linux (Any), UNIX (Any)
Reported By:  Robert van der Meulen <rvdm@debian.org>
Message History:   None.


 Source Message Contents

Date:  Thu, 27 Dec 2001 21:22:10 +0100
From:  Robert van der Meulen <rvdm@debian.org>
Subject:  [SECURITY] [DSA-095-1] gpm (gpm-root) format string vulnerabilities

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-095-1                   security@debian.org
http://www.debian.org/security/                    Robert van der Meulen
December 27, 2001
- ------------------------------------------------------------------------


Package        : gpm
Problem type   : local root vulnerability
Debian-specific: no

The package 'gpm' contains the 'gpm-root' program, which can be used to
create mouse-activated menus on the console.
Among other problems, the gpm-root program contains a format string
vulnerability, which allows an attacker to gain root privileges.

This has been fixed in version 1.17.8-18.1, and we recommend that you upgrade
your 1.17.8-18 package immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.


Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  These packages will be moved into the stable distribution on its next
  revision.

For not yet released architectures please refer to the appropriate
directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

- -- 
- ----------------------------------------------------------------------------
apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8K4LkFLJHZigagQ4RAqikAKC7ogsUzIlAreE5/Mki78uqCnvPpgCgqdRl
t+b1OntlAE3rvVNBC/0vej8=
=ByVf
-----END PGP SIGNATURE-----



Copyright 2002, SecurityGlobal.net LLC