Debian Security Advisory

userv -- local exploit

Date Reported:
27 Jul 2000
Affected Packages:
userv
Vulnerable:
Yes
Security database references:
No other external database security references currently available.
More information:
The version of userv that was distributed with Debian GNU/Linux 2.1 (slink) had a problem in the fd swapping algorithm: it could sometimes make an out-of-bounds array reference. It might be possible for local users to abuse this to carry out unauthorised actions or to take control of service user accounts.

This has been fixed in version 1.0.1.0slink for Debian GNU/Linux 2.1, and version 1.0.1.1potato for Debian GNU/Linux 2.2.

Fixed in:

Debian GNU/Linux 2.1 (slink):

Source:
http://security.debian.org/dists/slink/updates/source/userv_1.0.1.0slink.dsc
http://security.debian.org/dists/slink/updates/source/userv_1.0.1.0slink.tar.gz
alpha:
http://security.debian.org/dists/slink/updates/binary-alpha/userv_1.0.1.0slink_alpha.deb
i386:
http://security.debian.org/dists/slink/updates/binary-i386/userv_1.0.1.0slink_i386.deb
m68k:
http://security.debian.org/dists/slink/updates/binary-m68k/userv_1.0.1.0slink_m68k.deb
sparc:
http://security.debian.org/dists/slink/updates/binary-sparc/userv_1.0.1.0slink_sparc.deb

Debian GNU/Linux 2.2 (potato):

Source:
http://security.debian.org/dists/potato/updates/main/source/userv_1.0.1.1potato.dsc
http://security.debian.org/dists/potato/updates/main/source/userv_1.0.1.1potato.tar.gz
alpha:
http://security.debian.org/dists/potato/updates/main/binary-alpha/userv_1.0.1.1potato_alpha.deb
i386:
http://security.debian.org/dists/potato/updates/main/binary-i386/userv_1.0.1.1potato_i386.deb
sparc:
http://security.debian.org/dists/potato/updates/main/binary-sparc/userv_1.0.1.1potato_sparc.deb