Debian Security Advisory
libpam-smb -- remote root exploit
- Date Reported:
- 11 Sep 2000
- Affected Packages:
- libpam-smb
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2000-0843.
- More information:
- libpam-smb contains a buffer overflow that can be used to
execute arbitrary commands with root privilege. libpam-smb was not shipped with
Debian 2.1 (slink), but was included in Debian 2.2 (potato).
A fixed version of libpam-smb is available in version 1.1.6-1 for Debian 2.2 (potato). We recommend upgrading your libpam-smb immediately.
- Fixed in:
-
Debian 2.2 (potato)
- Source:
-
http://security.debian.org/dists/potato/updates/main/source/libpam-smb_1.1.6-1.diff.gz
-
http://security.debian.org/dists/potato/updates/main/source/libpam-smb_1.1.6-1.dsc
-
http://security.debian.org/dists/potato/updates/main/source/libpam-smb_1.1.6.orig.tar.gz
- alpha:
-
http://security.debian.org/dists/potato/updates/main/binary-alpha/libpam-smb_1.1.6-1_alpha.deb
- arm:
-
http://security.debian.org/dists/potato/updates/main/binary-arm/libpam-smb_1.1.6-1_arm.deb
- i386:
-
http://security.debian.org/dists/potato/updates/main/binary-i386/libpam-smb_1.1.6-1_i386.deb
- powerpc:
-
http://security.debian.org/dists/potato/updates/main/binary-powerpc/libpam-smb_1.1.6-1_powerpc.deb
- sparc:
-
http://security.debian.org/dists/potato/updates/main/binary-sparc/libpam-smb_1.1.6-1_sparc.deb