[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 713-1] sniffit security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : sniffit
Version        : 0.3.7.beta-16.1+deb7u1
CVE ID         : CVE-2014-5439
Debian Bug     : 845122

It was discovered that there was a buffer overflow in the packet sniffer and
monitoring tool "sniffit" which allowed a specially-crafted configuration file
to provide a root shell.

For Debian 7 "Wheezy", this issue has been fixed in sniffit version
0.3.7.beta-16.1+deb7u1.

We recommend that you upgrade your sniffit packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlgytIQACgkQHpU+J9Qx
Hli+Xg/8DqE8r2nM1R9XCDJgUsjrwjn+AqTaRuNlJU+H5Di/lL/8nILDV8ho/oiL
X7U1oRALlMarvt3uQ1gScbyXbgGuyy9QHUcOxCv6mnW08nSnjOFn/MbNEL6Ta/XC
75irodmHezSuZRWW8CxupJ4iHiTeYk/QAYpA48XzU0atIpztbb3QWMcSjOWcCfIC
MUp6u0w7HPuVLX7QRxSavTBeHyG4DvdeLep6pXUkKvqz++i0DvIicNNDUHCIHcun
B9TxCmUXwvnoUV9fuplIFbFFy/XZ4pBMAfAwuA9dLnVdGNFEIcUKY5Y7mvix0lLd
lZXFzo9PgViDcVIeiUQ8wKHVPwO+fCUHosmD95vZpDjnPS89NkP+tYCXyZ4vEU8u
K9MIkomItNgHHfVSJ9SUE8Bmwa9uo18N5D8a6qbxipgCmnri7S3aNO051T7pVXOk
21JIBahGJX5zovLXv5knbp2JNhYF5SLhT281zAvUpu7jrETRHGUZOO7Mp6fb9FXg
var4uM9RPWUN5iFfbIapxAsX1naFSxRc2Wr8YOy4FAjsvT10QiET6tEV9Cvx8DrK
1pJWSizJmSKNKrQtUhS82GlFHc8UhJRnmn2SfUk6W/EatrSg1ftqvqlMMnO/Z0S8
1C54Wp2i3JXrWHnkXv+EShgD5OiXPS4lqZZz65/Uk0csu+rjlhs=
=aIhU
-----END PGP SIGNATURE-----
Reply to: