Debian Security Advisory
super -- Buffer overflow in super.
- Date Reported:
- 15 Feb 1999
- Affected Packages:
- Security database references:
- In the Bugtraq database (at SecurityFocus): BugTraq ID 342, BugTraq ID 397.
In Mitre's CVE dictionary: CVE-1999-0373, CVE-1999-0381.
- More information:
- We have received reports about two buffer overflows in the
super package which was distributed as part of Debian GNU/Linux. Firstly, for
per-user .supertab files super didn't check for a buffer overflow when creating
the path to the user's .supertab file. Secondly another buffer overflow did
allow ordinary users to overflow super by creating a nasty personal .supertab
file. We recommend you upgrade your super packages immediately.
An analysis of the super vulnerability is available at this Securityfocus archive page.
- Fixed in: