Re: [SECURITY] new version isdnutils fixes exploitable xmonisdn

From: Florian Weimer (fwat_private)
Date: Tue Aug 17 1999 - 05:56:26 PDT

Next message: ibm-ersat_private: "IBM-ERS Security Vulnerability Alert: IBM C Set ++ for AIX Source"

Previous message: gregory duchemin: "Stupid bug in W3-msql"
Maybe in reply to: Aleph One: "[SECURITY] new version isdnutils fixes exploitable xmonisdn"
Next in thread: Chmouel Boudjnah: "Re: [SECURITY] new version isdnutils fixes exploitable xmonisdn"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Aleph One <aleph1at_private> writes:

> We have received reports that the version of xmonisdn as distributed
> in the isndutils package from Debian GNU/Linux 2.1 has a security
> problem.

Note that other Linux distributions may be affected as well.
The makefile that comes with the (rather outdated) isdn4kutils betas
and that was in the isdn4linux CVS tree installed xmonisdn setuid root,
too (until Paul Slootman committed a fix at the beginning of August).

Next message: ibm-ersat_private: "IBM-ERS Security Vulnerability Alert: IBM C Set ++ for AIX Source"
Previous message: gregory duchemin: "Stupid bug in W3-msql"
Maybe in reply to: Aleph One: "[SECURITY] new version isdnutils fixes exploitable xmonisdn"
Next in thread: Chmouel Boudjnah: "Re: [SECURITY] new version isdnutils fixes exploitable xmonisdn"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:56:47 PDT