Debian Security Advisory
splitvt -- root exploit in splitvt
- Date Reported:
- 05 Jun 2000
- Affected Packages:
-
splitvt
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2000-0467.
- More information:
- The version of splitvt distributed in Debian GNU/Linux 2.1
(a.k.a. slink), as well as in the frozen (potato) and unstable (woody)
distributions, is vulnerable to a local buffer overflow. This could be
exploited to give a shell running as root. This has been fixed in versions
1.6.3-7.0slink1 (for slink) and 1.6.3-7.1 (for potato), and we recommend that
you update your splitvt package immediately.
- Fixed in:
-
- Source:
- http://security.debian.org/dists/slink/updates/source/splitvt_1.6.3-7.0slink1.diff.gz
- http://security.debian.org/dists/slink/updates/source/splitvt_1.6.3-7.0slink1.dsc
- http://security.debian.org/dists/slink/updates/source/splitvt_1.6.3.orig.tar.g
- alpha:
- http://security.debian.org/dists/slink/updates/binary-alpha/splitvt_1.6.3-7.0slink1_alpha.deb
- i386:
- http://security.debian.org/dists/slink/updates/binary-i386/splitvt_1.6.3-7.0slink1_i386.deb
- m68k:
- http://security.debian.org/dists/slink/updates/binary-m68k/splitvt_1.6.3-7.0slink1_m68k.deb
- sparc:
- http://security.debian.org/dists/slink/updates/binary-sparc/splitvt_1.6.3-7.0slink1_sparc.deb
