Debians sikkerhedsbulletin

DSA-036-1 Midnight Commander -- vilkårlig programudførelse

Rapporteret den:

7. mar 2001

Berørte pakker:

mc, gmc

Sårbar:

Referencer i sikkerhedsdatabaser:

I Bugtraq-databasen (hos SecurityFocus): BugTraq-id 2016.
I Mitres CVE-ordbog: CVE-2000-1109.

Yderligere oplysninger:

Det er blevet rapporteret at en lokal bruger kan få en anden brugers Midnight Commander til at udføre vilkårlige programmer under denne brugers id. Dette er blevet rettet af Andrew V. Samoilov.

Vi anbefaler at du opgraderer din mc-pakke.

Rettet i:

Debian 2.2 (potato)

Kildekode:: http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42-11.potato.6.diff.gz; http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42-11.potato.6.dsc; http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42.orig.tar.gz
alpha:: http://security.debian.org/dists/stable/updates/main/binary-alpha/gmc_4.5.42-11.potato.6_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/mc-common_4.5.42-11.potato.6_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/mc_4.5.42-11.potato.6_alpha.deb
arm:: http://security.debian.org/dists/stable/updates/main/binary-arm/gmc_4.5.42-11.potato.6_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/mc-common_4.5.42-11.potato.6_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/mc_4.5.42-11.potato.6_arm.deb
i386:: http://security.debian.org/dists/stable/updates/main/binary-i386/gmc_4.5.42-11.potato.6_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/mc-common_4.5.42-11.potato.6_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/mc_4.5.42-11.potato.6_i386.deb
m68k:: http://security.debian.org/dists/stable/updates/main/binary-m68k/gmc_4.5.42-11.potato.6_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/mc-common_4.5.42-11.potato.6_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/mc_4.5.42-11.potato.6_m68k.deb
powerpc:: http://security.debian.org/dists/stable/updates/main/binary-powerpc/gmc_4.5.42-11.potato.6_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/mc-common_4.5.42-11.potato.6_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/mc_4.5.42-11.potato.6_powerpc.deb
sparc:: http://security.debian.org/dists/stable/updates/main/binary-sparc/gmc_4.5.42-11.potato.6_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/mc-common_4.5.42-11.potato.6_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/mc_4.5.42-11.potato.6_sparc.deb